Azure Monitor Private Link Scoped Service
This page shows how to write Terraform and Azure Resource Manager for Monitor Private Link Scoped Service and write them securely.
azurerm_monitor_private_link_scoped_service (Terraform)
The Private Link Scoped Service in Monitor can be configured in Terraform with the resource name azurerm_monitor_private_link_scoped_service
. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_monitor_private_link_scoped_service" "ampls01linkedscopeservice" {
name = "ampls01linkedscopeservice"
resource_group_name = data.azurerm_resource_group.dev-prolab.name
scope_name = azurerm_monitor_private_link_scope.ampls01.name
linked_resource_id = azurerm_application_insights.appinsights01.id
}
resource "azurerm_monitor_private_link_scoped_service" "ampls01linkedscopeservice" {
name = "ampls01linkedscopeservice"
resource_group_name = data.azurerm_resource_group.dev-prolab.name
scope_name = azurerm_monitor_private_link_scope.ampls01.name
linked_resource_id = azurerm_application_insights.appinsights01.id
}
Parameters
The following arguments are supported:
name
- (Required) The name of the Azure Monitor Private Link Scoped Service. Changing this forces a new resource to be created.resource_group_name
- (Required) The name of the Resource Group where the Azure Monitor Private Link Scoped Service should exist. Changing this forces a new resource to be created.scope_name
- (Required) The name of the Azure Monitor Private Link Scope. Changing this forces a new resource to be created.linked_resource_id
- (Required) The ID of the linked resource. It must be the Log Analytics Workspace or the Application Insights component. Changing this forces a new resource to be created.
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the Azure Monitor Private Link Scoped Service.
Explanation in Terraform Registry
Manages an Azure Monitor Private Link Scoped Service.
Tips: Best Practices for The Other Azure Monitor Resources
In addition to the azurerm_monitor_log_profile, Azure Monitor has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_monitor_log_profile
Ensure to enable the activity retention log
It is better to enable the activity retention log to ensure that all the information required for an effective investigation is still available.
Microsoft.Insights/privateLinkScopes/scopedResources (Azure Resource Manager)
The privateLinkScopes/scopedResources in Microsoft.Insights can be configured in Azure Resource Manager with the resource name Microsoft.Insights/privateLinkScopes/scopedResources
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"private_link_scope_name": {
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"private_link_scope_name": {
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"privateLinkScopeName": {
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"privateLinkScopeName": {
Frequently asked questions
What is Azure Monitor Private Link Scoped Service?
Azure Monitor Private Link Scoped Service is a resource for Monitor of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure Monitor Private Link Scoped Service?
For Terraform, the konradmaleckipl/Terraform-workshop and cloudstateu/Terraform-Labs source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the microsoft/privateAML, microsoft/AzureTRE and boscoedash/InternalExpenseApp source code examples are useful. See the Azure Resource Manager Example section for further details.