File tree Expand file tree Collapse file tree 6 files changed +20
-109
lines changed
scenarios/AksOpenAiTerraform Expand file tree Collapse file tree 6 files changed +20
-109
lines changed Original file line number Diff line number Diff line change @@ -13,6 +13,23 @@ ms.custom: innovation-engine, linux-related-content
1313Run commands below to set up AKS extensions for Azure.
1414
1515``` bash
16- # ./terraform/register-preview-features.sh
17- echo " HI"
18- ```
16+ ./terraform/register-preview-features.sh
17+ ```
18+
19+ ## Set up service principal
20+
21+ A Service Principal is an application within Azure Active Directory with the authentication tokens Terraform needs to perform actions on your behalf.
22+
23+ ``` bash
24+ export SUBSCRIPTION_ID=" 0c8875c7-e423-4caa-827a-1f0350bd8dd3"
25+ az ad sp create-for-rbac --role=" Contributor" " /subscriptions/$SUBSCRIPTION_ID "
26+ ```
27+
28+ ## Set up environment
29+
30+ ``` bash
31+ export ARM_CLIENT_ID=" "
32+ export ARM_CLIENT_SECRET=" "
33+ export ARM_SUBSCRIPTION_ID=" "
34+ export ARM_TENANT_ID=" "
35+ ```
Original file line number Diff line number Diff line change @@ -116,73 +116,33 @@ resource "azurerm_monitor_diagnostic_setting" "settings" {
116116
117117 enabled_log {
118118 category = " kube-apiserver"
119-
120- retention_policy {
121- enabled = true
122- days = . log_analytics_retention_days
123- }
124119 }
125120
126121 enabled_log {
127122 category = " kube-audit"
128-
129- retention_policy {
130- enabled = true
131- days = . log_analytics_retention_days
132- }
133123 }
134124
135125 enabled_log {
136126 category = " kube-audit-admin"
137-
138- retention_policy {
139- enabled = true
140- days = . log_analytics_retention_days
141- }
142127 }
143128
144129 enabled_log {
145130 category = " kube-controller-manager"
146-
147- retention_policy {
148- enabled = true
149- days = . log_analytics_retention_days
150- }
151131 }
152132
153133 enabled_log {
154134 category = " kube-scheduler"
155-
156- retention_policy {
157- enabled = true
158- days = . log_analytics_retention_days
159- }
160135 }
161136
162137 enabled_log {
163138 category = " cluster-autoscaler"
164-
165- retention_policy {
166- enabled = true
167- days = . log_analytics_retention_days
168- }
169139 }
170140
171141 enabled_log {
172142 category = " guard"
173-
174- retention_policy {
175- enabled = true
176- days = . log_analytics_retention_days
177- }
178143 }
179144
180145 metric {
181146 category = " AllMetrics"
182-
183- retention_policy {
184- enabled = true
185- days = . log_analytics_retention_days
186- }
187147 }
188148}
Original file line number Diff line number Diff line change @@ -15,11 +15,6 @@ resource "azurerm_monitor_diagnostic_setting" "settings" {
1515 content {
1616 category = . key
1717 enabled = true
18-
19- retention_policy {
20- enabled = . retention_policy_enabled
21- days = . retention_policy_days
22- }
2318 }
2419 }
2520
@@ -28,11 +23,6 @@ resource "azurerm_monitor_diagnostic_setting" "settings" {
2823 content {
2924 category = . key
3025 enabled = true
31-
32- retention_policy {
33- enabled = . retention_policy_enabled
34- days = . retention_policy_days
35- }
3626 }
3727 }
3828}
Original file line number Diff line number Diff line change @@ -232,38 +232,18 @@ resource "azurerm_monitor_diagnostic_setting" "settings" {
232232
233233 enabled_log {
234234 category = " AzureFirewallApplicationRule"
235-
236- retention_policy {
237- enabled = true
238- days = . log_analytics_retention_days
239- }
240235 }
241236
242237 enabled_log {
243238 category = " AzureFirewallNetworkRule"
244-
245- retention_policy {
246- enabled = true
247- days = . log_analytics_retention_days
248- }
249239 }
250240
251241 enabled_log {
252242 category = " AzureFirewallDnsProxy"
253-
254- retention_policy {
255- enabled = true
256- days = . log_analytics_retention_days
257- }
258243 }
259244
260245 metric {
261246 category = " AllMetrics"
262-
263- retention_policy {
264- enabled = true
265- days = . log_analytics_retention_days
266- }
267247 }
268248}
269249
@@ -274,37 +254,17 @@ resource "azurerm_monitor_diagnostic_setting" "pip_settings" {
274254
275255 enabled_log {
276256 category = " DDoSProtectionNotifications"
277-
278- retention_policy {
279- enabled = true
280- days = . log_analytics_retention_days
281- }
282257 }
283258
284259 enabled_log {
285260 category = " DDoSMitigationFlowLogs"
286-
287- retention_policy {
288- enabled = true
289- days = . log_analytics_retention_days
290- }
291261 }
292262
293263 enabled_log {
294264 category = " DDoSMitigationReports"
295-
296- retention_policy {
297- enabled = true
298- days = . log_analytics_retention_days
299- }
300265 }
301266
302267 metric {
303268 category = " AllMetrics"
304-
305- retention_policy {
306- enabled = true
307- days = . log_analytics_retention_days
308- }
309269 }
310270}
Original file line number Diff line number Diff line change @@ -39,20 +39,10 @@ resource "azurerm_monitor_diagnostic_setting" "settings" {
3939
4040 enabled_log {
4141 category = " NetworkSecurityGroupEvent"
42-
43- retention_policy {
44- enabled = true
45- days = . log_analytics_retention_days
46- }
4742 }
4843
4944 enabled_log {
5045 category = " NetworkSecurityGroupRuleCounter"
5146 enabled = true
52-
53- retention_policy {
54- enabled = true
55- days = . log_analytics_retention_days
56- }
5747 }
5848}
Original file line number Diff line number Diff line change @@ -37,10 +37,4 @@ variable "tags" {
3737variable "log_analytics_workspace_id" {
3838 description = " Specifies the log analytics workspace id"
3939 type = string
40- }
41-
42- variable "log_analytics_retention_days" {
43- description = " Specifies the number of days of the retention policy"
44- type = number
45- default = 7
4640}
You can’t perform that action at this time.
0 commit comments