From 43466edc4382a3b8b0835161f75cf3c6ece3fb05 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Tue, 5 Sep 2023 15:09:20 +0200 Subject: [PATCH 1/5] updates --- .ps-rule/min-suppress.Rule.yaml | 1 + .../.test/linux.ssecmk/main.test.bicep | 3 +++ modules/compute/virtual-machine-scale-set/main.bicep | 12 ++++++------ ps-rule.yaml | 8 +++++--- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/.ps-rule/min-suppress.Rule.yaml b/.ps-rule/min-suppress.Rule.yaml index 8516077660..5fe5966f48 100644 --- a/.ps-rule/min-suppress.Rule.yaml +++ b/.ps-rule/min-suppress.Rule.yaml @@ -8,6 +8,7 @@ spec: rule: - Azure.Resource.UseTags - Azure.KeyVault.Logs + - Azure.VMSS.AMA if: name: '.' contains: diff --git a/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/main.test.bicep index 619436b5ec..6eaba2d9e1 100644 --- a/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/main.test.bicep +++ b/modules/compute/virtual-machine-scale-set/.test/linux.ssecmk/main.test.bicep @@ -56,6 +56,9 @@ module testDeployment '../../main.bicep' = { scope: resourceGroup name: '${uniqueString(deployment().name, location)}-test-${serviceShort}' params: { + extensionMonitoringAgentConfig: { + enabled: true + } enableDefaultTelemetry: enableDefaultTelemetry location: location name: '${namePrefix}${serviceShort}001' diff --git a/modules/compute/virtual-machine-scale-set/main.bicep b/modules/compute/virtual-machine-scale-set/main.bicep index fbd688e838..95373632f4 100644 --- a/modules/compute/virtual-machine-scale-set/main.bicep +++ b/modules/compute/virtual-machine-scale-set/main.bicep @@ -503,13 +503,13 @@ resource vmss_logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@20 scope: resourceGroup(split(monitoringWorkspaceId, '/')[2], split(monitoringWorkspaceId, '/')[4]) } -module vmss_microsoftMonitoringAgentExtension 'extension/main.bicep' = if (extensionMonitoringAgentConfig.enabled) { - name: '${uniqueString(deployment().name, location)}-VMSS-MicrosoftMonitoringAgent' +module vmss_azureMonitorAgentExtension 'extension/main.bicep' = if (extensionMonitoringAgentConfig.enabled) { + name: '${uniqueString(deployment().name, location)}-VMSS-AzureMonitorAgent' params: { virtualMachineScaleSetName: vmss.name - name: 'MicrosoftMonitoringAgent' - publisher: 'Microsoft.EnterpriseCloud.Monitoring' - type: osType == 'Windows' ? 'MicrosoftMonitoringAgent' : 'OmsAgentForLinux' + name: 'AzureMonitorAgent' + publisher: 'Microsoft.Azure.Monitor' + type: osType == 'Windows' ? 'AzureMonitorWindowsAgent' : 'AzureMonitorLinuxAgent' typeHandlerVersion: contains(extensionMonitoringAgentConfig, 'typeHandlerVersion') ? extensionMonitoringAgentConfig.typeHandlerVersion : (osType == 'Windows' ? '1.0' : '1.7') autoUpgradeMinorVersion: contains(extensionMonitoringAgentConfig, 'autoUpgradeMinorVersion') ? extensionMonitoringAgentConfig.autoUpgradeMinorVersion : true enableAutomaticUpgrade: contains(extensionMonitoringAgentConfig, 'enableAutomaticUpgrade') ? extensionMonitoringAgentConfig.enableAutomaticUpgrade : false @@ -604,7 +604,7 @@ module vmss_azureDiskEncryptionExtension 'extension/main.bicep' = if (extensionA } dependsOn: [ vmss_customScriptExtension - vmss_microsoftMonitoringAgentExtension + vmss_azureMonitorAgentExtension ] } diff --git a/ps-rule.yaml b/ps-rule.yaml index 1efe9161f8..259a67057d 100644 --- a/ps-rule.yaml +++ b/ps-rule.yaml @@ -16,7 +16,7 @@ binding: # Require minimum versions of modules. requires: PSRule: '@pre >=2.4.0' - PSRule.Rules.Azure: '@pre >=1.19.2' + PSRule.Rules.Azure: '@pre >=1.27.3' # Use PSRule for Azure. include: @@ -24,8 +24,10 @@ include: - PSRule.Rules.Azure execution: - suppressedRuleWarning: false - notProcessedWarning: false + # suppressedRuleWarning: false - no more supported in PsRule ver 3.0 + # notProcessedWarning: false - no more supported in PsRule ver 3.0 + ruleSuppressed: Warn + unprocessedObject: Warn output: culture: From 39f3448dadbf6240ba00f644cf29055a8b9d0ceb Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Tue, 5 Sep 2023 15:23:17 +0200 Subject: [PATCH 2/5] update readme --- modules/compute/virtual-machine-scale-set/README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/compute/virtual-machine-scale-set/README.md b/modules/compute/virtual-machine-scale-set/README.md index b0384b82da..df9af7d0ab 100644 --- a/modules/compute/virtual-machine-scale-set/README.md +++ b/modules/compute/virtual-machine-scale-set/README.md @@ -1434,6 +1434,9 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = ] disablePasswordAuthentication: true enableDefaultTelemetry: '' + extensionMonitoringAgentConfig: { + enabled: true + } location: '' nicConfigurations: [ { @@ -1531,6 +1534,11 @@ module virtualMachineScaleSet './compute/virtual-machine-scale-set/main.bicep' = "enableDefaultTelemetry": { "value": "" }, + "extensionMonitoringAgentConfig": { + "value": { + "enabled": true + } + }, "location": { "value": "" }, From bbae91fc8660d9a065e712e464b0020db432a262 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Tue, 5 Sep 2023 15:33:26 +0200 Subject: [PATCH 3/5] update --- .ps-rule/min-suppress.Rule.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.ps-rule/min-suppress.Rule.yaml b/.ps-rule/min-suppress.Rule.yaml index 4a4bd6c840..f0d8ceed1a 100644 --- a/.ps-rule/min-suppress.Rule.yaml +++ b/.ps-rule/min-suppress.Rule.yaml @@ -16,4 +16,3 @@ spec: name: '.' contains: - 'min' - From d895a20dbe69ba6a92e97bae25f7773b6393976c Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Wed, 4 Oct 2023 11:41:59 +0200 Subject: [PATCH 4/5] test westeurope --- .../virtual-machine-scale-set/.test/linux/main.test.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep index 66500b75f0..6ac4e94c57 100644 --- a/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep +++ b/modules/compute/virtual-machine-scale-set/.test/linux/main.test.bicep @@ -9,7 +9,7 @@ targetScope = 'subscription' param resourceGroupName string = 'ms.compute.virtualmachinescalesets-${serviceShort}-rg' @description('Optional. The location to deploy resources to.') -param location string = deployment().location +param location string = 'westeurope' //deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') param serviceShort string = 'cvmsslin' From 6c81ce3c9703d13ba683939851c9e2df5696dd51 Mon Sep 17 00:00:00 2001 From: Fabio Masciotra Date: Wed, 4 Oct 2023 12:00:11 +0200 Subject: [PATCH 5/5] exclude Azure.Resource.AllowedRegions --- ps-rule.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/ps-rule.yaml b/ps-rule.yaml index 259a67057d..fd610c9d3f 100644 --- a/ps-rule.yaml +++ b/ps-rule.yaml @@ -56,3 +56,4 @@ rule: exclude: # Ignore the following rules for all resources - Azure.KeyVault.PurgeProtect + - Azure.Resource.AllowedRegions