updating azure dignostics settings and Log analytics id input

kumarvna · kumarvna · commit 3e1fdd01744a · 2021-10-31T16:37:29.000+05:30
diff --git a/main.tf b/main.tf
@@ -23,12 +23,6 @@ resource "azurerm_resource_group" "rg" {
 
 data "azurerm_client_config" "current" {}
 
-data "azurerm_log_analytics_workspace" "logws" {
-  count               = var.log_analytics_workspace_name != null ? 1 : 0
-  name                = var.log_analytics_workspace_name
-  resource_group_name = local.resource_group_name
-}
-
 #---------------------------------------------------------
 # Storage Account to keep Audit logs - Default is "false"
 #----------------------------------------------------------
@@ -103,7 +97,7 @@ resource "azurerm_mssql_server_extended_auditing_policy" "primary" {
   storage_account_access_key              = azurerm_storage_account.storeacc.0.primary_access_key
   storage_account_access_key_is_secondary = false
   retention_in_days                       = var.log_retention_days
-  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_name != null ? true : false
+  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_id != null ? true : false
 }
 
 resource "azurerm_sql_server" "secondary" {
@@ -131,7 +125,7 @@ resource "azurerm_mssql_server_extended_auditing_policy" "secondary" {
   storage_account_access_key              = azurerm_storage_account.storeacc.0.primary_access_key
   storage_account_access_key_is_secondary = false
   retention_in_days                       = var.log_retention_days
-  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_name != null ? true : null
+  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_id != null ? true : null
 }
 
 
@@ -167,7 +161,7 @@ resource "azurerm_mssql_database_extended_auditing_policy" "primary" {
   storage_account_access_key              = azurerm_storage_account.storeacc.0.primary_access_key
   storage_account_access_key_is_secondary = false
   retention_in_days                       = var.log_retention_days
-  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_name != null ? true : null
+  log_monitoring_enabled                  = var.enable_log_monitoring == true && var.log_analytics_workspace_id != null ? true : null
 }
 
 #-----------------------------------------------------------------------------------------------
@@ -415,11 +409,11 @@ resource "azurerm_private_dns_a_record" "arecord2" {
 # azurerm monitoring diagnostics  - Default is "false" 
 #------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "extaudit" {
-  count                      = var.enable_log_monitoring == true && var.log_analytics_workspace_name != null ? 1 : 0
+  count                      = var.enable_log_monitoring == true && var.log_analytics_workspace_id != null ? 1 : 0
   name                       = lower("extaudit-${var.database_name}-diag")
   target_resource_id         = azurerm_sql_database.db.id
-  log_analytics_workspace_id = data.azurerm_log_analytics_workspace.logws.0.id
-  storage_account_id         = azurerm_storage_account.storeacc.0.id
+  log_analytics_workspace_id = var.log_analytics_workspace_id
+  storage_account_id         = var.storage_account_id != null ? var.storage_account_id : null
 
   dynamic "log" {
     for_each = var.extaudit_diag_logs
diff --git a/variables.tf b/variables.tf
@@ -14,19 +14,14 @@ variable "storage_account_name" {
   default     = null
 }
 
-variable "log_analytics_workspace_name" {
-  description = "The name of log analytics workspace name"
-  default     = null
-}
-
 variable "location" {
   description = "The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table'"
   default     = ""
 }
 
 variable "random_password_length" {
   description = "The desired length of random password created by this module"
-  default     = 24
+  default     = 32
 }
 
 variable "enable_sql_server_extended_auditing_policy" {
@@ -181,6 +176,16 @@ variable "sqldb_init_script_file" {
   default     = ""
 }
 
+variable "log_analytics_workspace_id" {
+  description = "Specifies the ID of a Log Analytics Workspace where Diagnostics Data to be sent"
+  default     = null
+}
+
+variable "storage_account_id" {
+  description = "The name of the storage account to store the all monitoring logs"
+  default     = null
+}
+
 variable "extaudit_diag_logs" {
   description = "Database Monitoring Category details for Azure Diagnostic setting"
   default     = ["SQLSecurityAuditEvents", "SQLInsights", "AutomaticTuning", "QueryStoreRuntimeStatistics", "QueryStoreWaitStatistics", "Errors", "DatabaseWaitStatistics", "Timeouts", "Blocks", "Deadlocks"]
@@ -191,5 +196,3 @@ variable "tags" {
   type        = map(string)
   default     = {}
 }
-
-
