I am trying to create a Data Collection Rule for the table "Perf" by terrafrom, but I have trouble get my "azurerm_log_analytics_workspace" connected to the "azurerm_monitor_data_collection_rule".
resource "azurerm_resource_group" "this" {
location = var.environment_config.location_name
name = local.naming.rg_name
}
resource "azurerm_log_analytics_workspace" "this" {
name = local.naming.log_name
location = azurerm_resource_group.this.location
resource_group_name = azurerm_resource_group.this.name
}
resource "azurerm_monitor_data_collection_rule" "this" {
name = local.naming.dcr_name
resource_group_name = azurerm_resource_group.this.name
location = azurerm_resource_group.this.location
destinations {
log_analytics {
workspace_resource_id = azurerm_log_analytics_workspace.this.id
name = local.naming.log_name
}
}
data_flow {
streams = ["Microsoft-Table-Perf"]
destinations = [local.naming.log_name]
}
}
Both resources are in the same resource group and same region.
I tried to create a DCR through portal and compare the templates with the one created by terraform and they are the same. The only difference is in the Log Analytics workspace where I find "defaultDataCollectionRuleResourceId" with the ID of the the created DCR. Then I tried to add my terraform DCR manually to the Log Analytics, but when selecting the table "Perf" and clicking on "Create Transformation" I can't even select the DCR. I also tried to create it via "azapi_resource", but had the same Issue.
resource "azapi_resource" "azurerm_monitor_data_collection_rule" {
type = "Microsoft.Insights/dataCollectionRules@2021-09-01-preview"
name = local.naming.dcr_name
location = azurerm_resource_group.this.location
parent_id = azurerm_resource_group.this.id
body = jsonencode({
properties = {
dataFlows = [
{
destinations = [local.naming.log_name]
streams = ["Microsoft-Table-Perf"]
}
]
destinations = {
logAnalytics = [
{
name = local.naming.log_name
workspaceResourceId = azurerm_log_analytics_workspace.this.id
}
]
}
}
kind = "WorkspaceTransforms"
})
lifecycle {
ignore_changes = [
tags
]
}
}
I would have expected the DCR connect automatically to Log Analytics, or that there is an additional resource for connection, but I could not find anything like this.
I found a workaround for this Issue by using log analytics command from CLI directly:
resource "null_resource" "connect_dcr_to_log_analytics" {
provisioner "local-exec" {
command = "az monitor log-analytics workspace update --resource-group ${local.naming.rg_name} --workspace-name ${local.naming.log_name} --data-collection-rule \"${azapi_resource.azurerm_monitor_data_collection_rule.id}\""
}
depends_on = [
azapi_resource.azurerm_monitor_data_collection_rule,
azurerm_log_analytics_workspace.this
]
}
I found this in the log analytics cli documentation. When you execute the terraform, DCR is connected correctly, but you will not be able to create transformations in the azure portal, which is fine for us, as we have everything inside terraform, but just as remark.