Add CODEOWNERS & Fix Sentinel Simplified Pricing (#582)

.github/CODEOWNERS

@@ -0,0 +1,11 @@
+# See for instructions on this file https://help.github.com/articles/about-codeowners/
+
+# These owners will be the default owners for everything in
+# the repo. Unless a later match takes precedence,
+# @global-owner1 and @global-owner2 will be requested for
+# review when someone opens a pull request.
+
+.github/CODEOWNERS @Azure/alz-bicep-admin-team
+.github/** @Azure/alz-bicep-admin-team
+
+accelerator/** @Azure/alz-bicep-accelerator-team

infra-as-code/bicep/modules/logging/generateddocs/logging.bicep.md

@@ -9,6 +9,7 @@ Parameter name | Required | Description
 parLogAnalyticsWorkspaceName | No       | Log Analytics Workspace name.
 parLogAnalyticsWorkspaceLocation | No       | Log Analytics region name - Ensure the regions selected is a supported mapping as per: https://docs.microsoft.com/azure/automation/how-to/region-mappings.
 parLogAnalyticsWorkspaceSkuName | No       | Log Analytics Workspace sku name.
+parLogAnalyticsWorkspaceCapacityReservationLevel | No       | Log Analytics Workspace Capacity Reservation Level. Only used if parLogAnalyticsWorkspaceSkuName is set to CapacityReservation.
 parLogAnalyticsWorkspaceLogRetentionInDays | No       | Number of days of log retention for Log Analytics Workspace.
 parLogAnalyticsWorkspaceSolutions | No       | Solutions that will be added to the Log Analytics Workspace.
 parLogAnalyticsWorkspaceLinkAutomationAccount | No       | Log Analytics Workspace should be linked with the automation account.
@@ -18,6 +19,7 @@ parAutomationAccountUseManagedIdentity | No       | Automation Account - use man
 parTags        | No       | Tags you would like to be applied to all resources in this module.
 parAutomationAccountTags | No       | Tags you would like to be applied to Automation Account.
 parLogAnalyticsWorkspaceTags | No       | Tags you would like to be applied to Log Analytics Workspace.
+parUseSentinelClassicPricingTiers | No       | Set Parameter to true to use Sentinel Classic Pricing Tiers, following changes introduced in July 2023 as documented here: https://learn.microsoft.com/azure/sentinel/enroll-simplified-pricing-tier.
 parTelemetryOptOut | No       | Set Parameter to true to Opt-out of deployment telemetry
 
 ### parLogAnalyticsWorkspaceName
@@ -46,6 +48,16 @@ Log Analytics Workspace sku name.
 
 - Allowed values: `CapacityReservation`, `Free`, `LACluster`, `PerGB2018`, `PerNode`, `Premium`, `Standalone`, `Standard`
 
+### parLogAnalyticsWorkspaceCapacityReservationLevel
+
+![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
+
+Log Analytics Workspace Capacity Reservation Level. Only used if parLogAnalyticsWorkspaceSkuName is set to CapacityReservation.
+
+- Default value: `100`
+
+- Allowed values: `100`, `200`, `300`, `400`, `500`, `1000`, `2000`, `5000`
+
 ### parLogAnalyticsWorkspaceLogRetentionInDays
 
 ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
@@ -118,6 +130,14 @@ Tags you would like to be applied to Log Analytics Workspace.
 
 - Default value: `[parameters('parTags')]`
 
+### parUseSentinelClassicPricingTiers
+
+![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
+
+Set Parameter to true to use Sentinel Classic Pricing Tiers, following changes introduced in July 2023 as documented here: https://learn.microsoft.com/azure/sentinel/enroll-simplified-pricing-tier.
+
+- Default value: `False`
+
 ### parTelemetryOptOut
 
 ![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)
@@ -158,6 +178,9 @@ outAutomationAccountId | string |
         "parLogAnalyticsWorkspaceSkuName": {
             "value": "PerGB2018"
         },
+        "parLogAnalyticsWorkspaceCapacityReservationLevel": {
+            "value": 100
+        },
         "parLogAnalyticsWorkspaceLogRetentionInDays": {
             "value": 365
         },
@@ -196,6 +219,9 @@ outAutomationAccountId | string |
         "parLogAnalyticsWorkspaceTags": {
             "value": "[parameters('parTags')]"
         },
+        "parUseSentinelClassicPricingTiers": {
+            "value": false
+        },
         "parTelemetryOptOut": {
             "value": false
         }

infra-as-code/bicep/modules/logging/logging.bicep

@@ -20,6 +20,19 @@ param parLogAnalyticsWorkspaceLocation string = resourceGroup().location
 @sys.description('Log Analytics Workspace sku name.')
 param parLogAnalyticsWorkspaceSkuName string = 'PerGB2018'
 
+@allowed([
+  100
+  200
+  300
+  400
+  500
+  1000
+  2000
+  5000
+])
+@sys.description('Log Analytics Workspace Capacity Reservation Level. Only used if parLogAnalyticsWorkspaceSkuName is set to CapacityReservation.')
+param parLogAnalyticsWorkspaceCapacityReservationLevel int = 100
+
 @minValue(30)
 @maxValue(730)
 @sys.description('Number of days of log retention for Log Analytics Workspace.')
@@ -73,6 +86,9 @@ param parAutomationAccountTags object = parTags
 @sys.description('Tags you would like to be applied to Log Analytics Workspace.')
 param parLogAnalyticsWorkspaceTags object = parTags
 
+@sys.description('Set Parameter to true to use Sentinel Classic Pricing Tiers, following changes introduced in July 2023 as documented here: https://learn.microsoft.com/azure/sentinel/enroll-simplified-pricing-tier.')
+param parUseSentinelClassicPricingTiers bool = false
+
 @sys.description('Set Parameter to true to Opt-out of deployment telemetry')
 param parTelemetryOptOut bool = false
 
@@ -103,6 +119,7 @@ resource resLogAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022
   properties: {
     sku: {
       name: parLogAnalyticsWorkspaceSkuName
+      capacityReservationLevel: parLogAnalyticsWorkspaceSkuName == 'CapacityReservation' ? parLogAnalyticsWorkspaceCapacityReservationLevel : null
     }
     retentionInDays: parLogAnalyticsWorkspaceLogRetentionInDays
   }
@@ -112,7 +129,12 @@ resource resLogAnalyticsWorkspaceSolutions 'Microsoft.OperationsManagement/solut
   name: '${solution}(${resLogAnalyticsWorkspace.name})'
   location: parLogAnalyticsWorkspaceLocation
   tags: parTags
-  properties: {
+  properties: solution == 'SecurityInsights' ? {
+    workspaceResourceId: resLogAnalyticsWorkspace.id
+    sku: parUseSentinelClassicPricingTiers ? null : {
+      name: 'Unified'
+    }
+  } : {
     workspaceResourceId: resLogAnalyticsWorkspace.id
   }
   plan: {

infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json

@@ -11,6 +11,9 @@
     "parLogAnalyticsWorkspaceSkuName": {
       "value": "PerGB2018"
     },
+    "parLogAnalyticsWorkspaceCapacityReservationLevel": {
+      "value": 100
+    },
     "parLogAnalyticsWorkspaceLogRetentionInDays": {
       "value": 365
     },
@@ -45,6 +48,9 @@
         "Environment": "Live"
       }
     },
+    "parUseSentinelClassicPricingTiers": {
+      "value": false
+    },
     "parTelemetryOptOut": {
       "value": false
     }