Skip to content

Commit d0f1ff6

Browse files
authored
Merge pull request #102797 from yossi-y/patch-44
Some edits
2 parents 8911dca + b54f09a commit d0f1ff6

File tree

1 file changed

+32
-20
lines changed

1 file changed

+32
-20
lines changed

articles/azure-monitor/platform/customer-managed-keys.md

Lines changed: 32 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -178,13 +178,14 @@ Content-type: application/json
178178
{
179179
"location": "<region-name>",
180180
"properties": {
181-
"clusterType": "LogAnalytics" //Should be "ApplicationInsights" for Application Insights CMK
181+
"clusterType": "LogAnalytics"
182182
},
183183
"identity": {
184184
"type": "systemAssigned"
185185
}
186186
}
187187
```
188+
"clusterType" value is "ApplicationInsights" for Application Insights CMK.
188189

189190
**Response**
190191

@@ -195,12 +196,12 @@ Identity is assigned to the *Cluster* resource at creation time.
195196
"identity": {
196197
"type": "SystemAssigned",
197198
"tenantId": "tenant-id",
198-
"principalId": "principle-id" //A GUID that was generated by the managed identity service
199+
"principalId": "principle-id"
199200
},
200201
"properties": {
201202
"provisioningState": "Succeeded",
202203
"clusterType": "LogAnalytics",
203-
"clusterId": "cluster-id" //A GUID that Log Analytics generates for the cluster
204+
"clusterId": "cluster-id"
204205
},
205206
"id": "/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.OperationalInsights/clusters/cluster-name", //The cluster resource Id
206207
"name": "cluster-name",
@@ -209,6 +210,8 @@ Identity is assigned to the *Cluster* resource at creation time.
209210
}
210211

211212
```
213+
"principalId" is a GUID generated by the managed identity service for the *Cluster* resource.
214+
212215
> [!IMPORTANT]
213216
> Copy and keep the "cluster-id" value since you will need it in next steps.
214217
@@ -257,7 +260,7 @@ Content-type: application/json
257260
258261
{
259262
"properties": {
260-
"KeyVaultProperties": { //Key Vault key identifier details taken from Key identifier URI
263+
"KeyVaultProperties": {
261264
KeyVaultUri: "https://<key-vault-name>.vault.azure.net",
262265
KeyName: "<key-name>",
263266
KeyVersion: "<current-version>"
@@ -269,6 +272,7 @@ Content-type: application/json
269272
}
270273
}
271274
```
275+
"KeyVaultProperties" contains the Key Vault key identifier details.
272276

273277
**Response**
274278

@@ -277,10 +281,10 @@ Content-type: application/json
277281
"identity": {
278282
"type": "SystemAssigned",
279283
"tenantId": "tenant-id",
280-
"principalId": "principle-id" //A GUID that was generated by the managed identity service
284+
"principalId": "principle-id"
281285
},
282286
"properties": {
283-
"KeyVaultProperties": { // Key Vault key identifier
287+
"KeyVaultProperties": {
284288
KeyVaultUri: "https://key-vault-name.vault.azure.net",
285289
KeyName: "key-name",
286290
KeyVersion: "current-version"
@@ -289,10 +293,10 @@ Content-type: application/json
289293
"clusterType": "LogAnalytics",
290294
"clusterId": "cluster-id"
291295
},
292-
"id": "/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.OperationalInsights/clusters/cluster-name", //The cluster resource Id
296+
"id": "/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.OperationalInsights/clusters/cluster-name",
293297
"name": "cluster-name",
294298
"type": "Microsoft.OperationalInsights/clusters",
295-
"location": "region-name" //Example: Switzerland North
299+
"location": "region-name"
296300
}
297301
```
298302

@@ -321,7 +325,7 @@ following details:
321325
"principalId": "principal-Id"
322326
},
323327
"properties": {
324-
"KeyVaultProperties": { // Key Vault key identifier
328+
"KeyVaultProperties": {
325329
KeyVaultUri: "https://key-vault-name.vault.azure.net",
326330
KeyName: "key-name",
327331
KeyVersion: "current-version"
@@ -358,9 +362,9 @@ Content-type: application/json
358362
{
359363
"properties": {
360364
"source": "Azure",
361-
"customerId": "<workspace-id>", //Available in Azure portal under Log Analytics workspace Overview section
365+
"customerId": "<workspace-id>",
362366
"features": {
363-
"clusterDefinitionId": "<cluster-id>" //It's the "clusterId" value provided in the respond from the previous step
367+
"clusterDefinitionId": "<cluster-id>"
364368
}
365369
},
366370
"id": "/subscriptions/<subscription-id>/resourcegroups/<resource-group-name>/providers/microsoft.operationalinsights/workspaces/<workspace-name>",
@@ -369,6 +373,7 @@ Content-type: application/json
369373
"location": "<region-name>"
370374
}
371375
```
376+
"clusterDefinitionId" is the "clusterId" value provided in the response from the previous step
372377

373378
**Response**
374379

@@ -381,7 +386,7 @@ Content-type: application/json
381386
"features": {
382387
"legacy": value,
383388
"searchVersion": value,
384-
"clusterDefinitionId": "cluster-id" //The id of the Cluster resource
389+
"clusterDefinitionId": "cluster-id"
385390
},
386391
"workspaceCapping": {
387392
"dailyQuotaGb": value,
@@ -514,7 +519,7 @@ If you update your key in Key Vault and don't update the new *Key identifier* de
514519

515520
- If you try to delete a *Cluster* resource that is associated to a workspace, the delete operation will fail.
516521

517-
- Use this API call to get all *Cluster* resources for a resource group:
522+
- Use this API to get all *Cluster* resources for a resource group:
518523

519524
```rst
520525
GET https://management.azure.com/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/Microsoft.OperationalInsights/clusters?api-version=2019-08-01-preview
@@ -533,8 +538,8 @@ If you update your key in Key Vault and don't update the new *Key identifier* de
533538
"principalId": "principal-Id"
534539
},
535540
"properties": {
536-
"KeyVaultProperties": { // Key Vault key identifier
537-
KeyVaultUri: "https://{key-vault-name}.vault.azure.net",
541+
"KeyVaultProperties": {
542+
KeyVaultUri: "https://key-vault-name.vault.azure.net",
538543
KeyName: "key-name",
539544
KeyVersion: "current-version"
540545
},
@@ -635,19 +640,23 @@ Identity is assigned to the *Cluster* resource at creation time.
635640
"identity": {
636641
"type": "SystemAssigned",
637642
"tenantId": "tenant-id",
638-
"principalId": "principle-id" //A GUID that was generated by the managed identity service
643+
"principalId": "principle-id"
639644
},
640645
"properties": {
641646
"provisioningState": "Succeeded",
642647
"clusterType": "ApplicationInsights", //The value is ‘ApplicationInsights’ for Application Insights CMK
643-
"clusterId": "cluster-id" //A GUID that Log Analytics generates for the cluster - copy it since you need it for Key Vault and components association
648+
"clusterId": "cluster-id"
644649
},
645650
"id": "/subscriptions/subscription-id/resourceGroups/resource-group-name/providers/Microsoft.OperationalInsights/clusters/cluster-name", //The cluster resource Id
646651
"name": "cluster-name",
647652
"type": "Microsoft.OperationalInsights/clusters",
648653
"location": "region-name"
649654
}
650655
```
656+
"principalId" is a GUID that was generated by the managed identity service.
657+
658+
> [!IMPORTANT]
659+
> Copy and keep the "cluster-id" value since you will need it in next steps.
651660
652661
### Associate a component to a *Cluster* resource using [Components - Create Or Update](https://docs.microsoft.com/rest/api/application-insights/components/createorupdate) API
653662

@@ -658,12 +667,14 @@ Content-type: application/json
658667
659668
{
660669
"properties": {
661-
"clusterDefinitionId": "cluster-id" //It's the "clusterId" value provided in the respond from the previous step
670+
"clusterDefinitionId": "cluster-id"
662671
},
663672
"location": "<region-name>",
664-
"kind": "<component-type>", //Example: web
673+
"kind": "<component-type>"
665674
}
666675
```
676+
"clusterDefinitionId" is the "clusterId" value provided in the respond from the previous step.
677+
"kind" example is "web".
667678

668679
**Response**
669680

@@ -676,7 +687,7 @@ Content-type: application/json
676687
"tags": "",
677688
"kind": "",
678689
"properties": {
679-
"clusterDefinitionId": "cluster-id" //The Cluster resource ID that is associated to this component
690+
"clusterDefinitionId": "cluster-id"
680691
"ApplicationId": "",
681692
"AppId": "",
682693
"Application_Type": "",
@@ -696,5 +707,6 @@ Content-type: application/json
696707
}
697708
}
698709
```
710+
"clusterDefinitionId" is the *Cluster* resource ID that is associated to this component.
699711

700712
After the association, data that is sent to your components is stored encrypted with your managed key.

0 commit comments

Comments
 (0)