application.inisights module updates

This commit is contained in:
dwas01 2019-09-23 17:40:31 +12:00
Родитель 51d41446f7
Коммит 59fec81305
6 изменённых файлов: 27 добавлений и 362 удалений

Просмотреть файл

@ -1,223 +0,0 @@
<#
.NOTES
==============================================================================================
Copyright(c) Microsoft Corporation. All rights reserved.
Microsoft Consulting Services - AzureCAT - VDC Toolkit (v2.0)
File: application.insights.akv.secrects.ps1
Purpose: Set Application Insights KeyVault Secrets Automation Script
Version: 2.0.0.0 - 1st September 2019 - Azure Virtual Datacenter Development Team
==============================================================================================
.SYNOPSIS
Set Application Insights KeyVault Secrets Automation Script
.DESCRIPTION
Set Application Insights KeyVault Secrets Automation Script
Deployment steps of the script are outlined below.
1) Set Azure KeyVault Parameters
2) Set Application Insights Parameters
3) Create Azure KeyVault Secret
.PARAMETER keyVaultName
Specify the Azure KeyVault Name parameter.
.PARAMETER appInsightsName
Specify the Application Insights Name output parameter.
.PARAMETER appInsightsResourceId
Specify the Application Insights Resource Id output parameter.
.PARAMETER appInsightsResourceGroup
Specify the Application Insights ResourceGroup output parameter.
.PARAMETER appInsightsKey
Specify the Application Insights Instrumentation Key output parameter.
.PARAMETER appInsightsAppId
Specify the Application Insights AppId output parameter.
.PARAMETER appInsightsStorageAccountName
Specify the Application Storage Account Name output parameter.
.EXAMPLE
Default:
C:\PS>.\application.insights.akv.secrects.ps1
-keyVaultName "$(keyVaultName)"
-appInsightsName "$(appInsightsName)"
-appInsightsResourceId "$(appInsightsResourceId)"
-appInsightsResourceGroup "$(appInsightsResourceGroup)"
-appInsightsKey "$(appInsightsKey)"
-appInsightsAppId "$(appInsightsAppId)"
-appInsightsStorageAccountName "$(appInsightsStorageAccountName)"
#>
#Requires -Version 5
#Requires -Module Az.KeyVault
#Requires -Module Az.ApplicationInsights
#Requires -Module Az.Resources
[CmdletBinding()]
param
(
[Parameter(Mandatory = $false)]
[string]$keyVaultName,
[Parameter(Mandatory = $false)]
[string]$appInsightsName,
[Parameter(Mandatory = $false)]
[string]$appInsightsResourceId,
[Parameter(Mandatory = $false)]
[string]$appInsightsResourceGroup,
[Parameter(Mandatory = $false)]
[string]$appInsightsKey,
[Parameter(Mandatory = $false)]
[string]$appInsightsAppId,
[Parameter(Mandatory = $false)]
[string]$appInsightsStorageAccountName
)
#region - KeyVault Parameters
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['keyVaultName']))
{
Write-Output "KeyVault Name : $keyVaultName"
$kVSecretParameters = @{ }
#region - Analysis Services Parameters
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsName']))
{
Write-Output "Application Insights Name: $appInsightsName"
$kVSecretParameters.Add("AppInsights--Name", $($appInsightsName))
#region - Application Insights - ApiKey
$paramGetAzResource = @{
ResourceType = "Microsoft.Insights/components"
ResourceName = $appInsightsName
}
$resource = Get-AzResource @paramGetAzResource
$paramGetAzResource = @{
ResourceId = $resource.Id
}
$resource = Get-AzResource @paramGetAzResource
$Random = (Get-Random -Minimum 10000 -Maximum 99999)
$paramNewAzApplicationInsightsApiKey = @{
ResourceGroupName = $resource.ResourceGroupName
Name = $resource.Name
Description = $resource.Name + "-apikey$Random"
Permissions = @("ReadTelemetry", "WriteAnnotations")
ErrorAction = 'SilentlyContinue'
}
$apiInfo = New-AzApplicationInsightsApiKey @paramNewAzApplicationInsightsApiKey
$apiKey = $apiInfo.ApiKey
if ( -not [string]::IsNullOrEmpty($apiKey))
{
Write-Output "Application Insights apiKey: $apiKey"
$kVSecretParameters.Add("AppInsights--APIKey", $($apiKey))
}
else
{
Write-Output "Application Insights apiKey: []"
}
#endregion
}
else
{
Write-Output "Application Insights Name: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsResourceId']))
{
Write-Output "Application Insights ResourceId: $appInsightsResourceId"
$kVSecretParameters.Add("AppInsights--ResourceId", $($appInsightsResourceId))
}
else
{
Write-Output "Application Insights ResourceId: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsResourceGroup']))
{
Write-Output "Application Insights ResourceGroup: $appInsightsResourceGroup"
$kVSecretParameters.Add("AppInsights--ResourceGroup", $($appInsightsResourceGroup))
}
else
{
Write-Output "Application Insights ResourceGroup: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsKey']))
{
Write-Output "Application Insights (OPS) Instrumentation Key: $appInsightsOpsKey"
$kVSecretParameters.Add("AppInsights--InstrumentationKey", $($appInsightsKey))
}
else
{
Write-Output "Application Insights Instrumentation Key: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsAppId']))
{
Write-Output "Application Insights AppId: $appInsightsAppId"
$kVSecretParameters.Add("AppInsights--AppId", $($appInsightsAppId))
}
else
{
Write-Output "Application Insights AppId: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsStorageAccountName']))
{
Write-Output "Application Insights Storage Account Name $appInsightsStorageAccountName"
$kVSecretParameters.Add("AppInsights--StorageAccountName", $($appInsightsStorageAccountName))
}
else
{
Write-Output "Application Insights Storage Account Name []"
}
#endregion
#region - Set Azure KeyVault Secret
$kVSecretParameters.Keys | ForEach-Object {
$key = $psitem
$value = $kVSecretParameters.Item($psitem)
if (-not [string]::IsNullOrWhiteSpace($value))
{
Write-Output "KeyVault Secret: $key : $value"
$value = $kVSecretParameters.Item($psitem)
Write-Output "Setting Secret for $key"
$paramSetAzKeyVaultSecret = @{
VaultName = $keyVaultName
Name = $key
SecretValue = (ConvertTo-SecureString $value -AsPlainText -Force)
Verbose = $true
ErrorAction = 'SilentlyContinue'
}
Set-AzKeyVaultSecret @paramSetAzKeyVaultSecret
}
else
{
Write-Output "KeyVault Secret: []"
}
}
#endregion
}
else
{
Write-Output "KeyVault Name: []"
}
#endregion

Просмотреть файл

@ -25,16 +25,17 @@
.PARAMETER appInsightsName
Specify the Azure Application Insights Name parameter.
.PARAMETER appInsightsStorageAccountName
Specify the Application Insights Storage Account Name output parameter.
.PARAMETER storageAccountName
Specify the Storage Account Name parameter.
.EXAMPLE
Default:
C:\PS>.\application.insights.continuous.export.ps1
-appInsightsName "$(appInsightsName)"
-appInsightsStorageAccountName "$(appInsightsStorageAccountName)"
-storageAccountName "$(storageAccountName)"
#>
#Requires -Version 5
#Requires -Module Az.ApplicationInsights
#Requires -Module Az.Storage
@ -47,12 +48,12 @@ param
[string]$appInsightsName,
[Parameter(Mandatory = $true)]
[string]$appInsightsStorageAccountName
[string]$storageAccountName
)
#region - Application Insights Continuous Export Configuration
Write-Output "Application Insights Name: $appInsightsName"
Write-Output "Application Insight Storage Account Name: $appInsightsStorageAccountName"
Write-Output "Application Insights Name: $appInsightsName"
Write-Output "Storage Account Name: $storageAccountName"
$paramGetAzResource = @{
ResourceType = "Microsoft.Insights/components"
@ -71,7 +72,7 @@ if (-not ($continuousExport))
{
$paramGetAzResource = @{
ResourceType = "Microsoft.Storage/storageAccounts"
ResourceName = $appInsightsStorageAccountName
ResourceName = $storageAccountName
}
$resource = Get-AzResource @paramGetAzResource
@ -85,11 +86,11 @@ if (-not ($continuousExport))
ResourceId = $resource.ResourceId
Force = $true
}
$appInsightsStoragekey = (Invoke-AzResourceAction @paramInvokeAzResourceAction).keys[0].value
$storagekey = (Invoke-AzResourceAction @paramInvokeAzResourceAction).keys[0].value
$paramNewAzStorageContext = @{
StorageAccountName = $appInsightsStorageAccountName
StorageAccountKey = $appInsightsStoragekey
StorageAccountName = $storageAccountName
StorageAccountKey = $storagekey
}
$context = New-AzStorageContext @paramNewAzStorageContext

Просмотреть файл

@ -36,9 +36,6 @@
.PARAMETER appInsightsAppId
Specify the Application Insights AppId output parameter.
.PARAMETER appInsightsStorageAccountName
Specify the Application Storage Account Name output parameter.
.EXAMPLE
Default:
C:\PS>.\output.tests.ps1
@ -47,7 +44,6 @@
-appInsightsResourceGroup "$(appInsightsResourceGroup)"
-appInsightsKey "$(appInsightsKey)"
-appInsightsAppId "$(appInsightsAppId)"
-appInsightsStorageAccountName "$(appInsightsStorageAccountName)"
#>
#Requires -Version 5
@ -68,10 +64,7 @@ param
[string]$appInsightsKey,
[Parameter(Mandatory = $false)]
[string]$appInsightsAppId,
[Parameter(Mandatory = $false)]
[string]$appInsightsStorageAccountName
[string]$appInsightsAppId
)
#region - Application Insights Output Tests
@ -120,13 +113,4 @@ else
{
Write-Output "Application Insights AppId: []"
}
if (-not [string]::IsNullOrWhiteSpace($PSBoundParameters['appInsightsStorageAccountName']))
{
Write-Output "Application Insights Storage Account Name: $($appInsightsStorageAccountName)"
}
else
{
Write-Output "Application Insights Storage Account Name: []"
}
#endregion

Просмотреть файл

@ -5,9 +5,6 @@
"appInsightsName": {
"value": "testappInsightsName"
},
"storageAccountName": {
"value": "teststorageAccountName"
},
"cuaId": {
"value": "00000000-0000-0000-0000-000000000000"
}

Просмотреть файл

@ -27,29 +27,6 @@
"description": "Optional. Location for all Resources"
}
},
"storageAccountName": {
"type": "string",
"metadata": {
"description": "Required. Storage Account Name"
}
},
"storageAccountsku": {
"type": "string",
"allowedValues": [
"Standard_LRS",
"Standard_GRS",
"Standard_RAGRS",
"Standard_ZRS",
"Premium_LRS",
"Premium_ZRS",
"Standard_GZRS",
"Standard_RAGZRS"
],
"defaultValue": "Standard_GRS",
"metadata": {
"description": "Optional. Storage Account sku type"
}
},
"cuaId": {
"type": "string",
"defaultValue": "",
@ -57,47 +34,18 @@
"description": "Optional. Customer Usage Attribution id (GUID). This GUID must be previously registered"
}
},
"tagEnvironment": {
"type": "string",
"tagValues": {
"type": "object",
"defaultValue": "",
"metadata": {
"description": "Optional. The name of the Environment"
}
},
"tagProject": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. The name of the project"
}
},
"tagApplication": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. The name of the application"
}
},
"tagOwner": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. The business owner for the application"
}
},
"tagOwnerEmail": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. The Email address of the business owner for the application"
"description": "Optional. Azure Resource Tags object"
}
}
},
"variables": {
"appInsightsName": "[parameters('appInsightsName')]",
"appInsightsresourceId": "[resourceId('Microsoft.Insights/components',parameters('appInsightsName'))]",
"apiVersion": "[providers('Microsoft.Insights','components').apiVersions[0]]",
"storageAccountName": "[parameters('storageAccountName')]",
"appInsightsApiVersion": "[providers('Microsoft.Insights','components').apiVersions[0]]",
"pidName": "[concat('pid-',parameters('cuaId'))]"
},
"resources": [
@ -117,39 +65,14 @@
},
{
"type": "Microsoft.Insights/components",
"apiVersion": "[providers('Microsoft.Insights','components').apiVersions[0]]",
"name": "[parameters('appInsightsName')]",
"apiVersion": "[variables('appInsightsApiVersion')]",
"name": "[variables('appInsightsName')]",
"location": "[parameters('location')]",
"tags": {
"Environment": "[parameters('tagEnvironment')]",
"Application": "[parameters('tagApplication')]",
"Project": "[parameters('tagProject')]",
"Owner": "[parameters('tagOwner')]",
"OwnerEmail": "[parameters('tagOwnerEmail')]"
},
"tags": "[if(empty(parameters('tagValues')), json('null'), parameters('tagValues'))]",
"properties": {
"ApplicationId": "[parameters('appInsightsName')]",
"Application_Type": "[parameters('appInsightsType')]"
}
},
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "[providers('Microsoft.Storage','storageAccounts').apiVersions[0]]",
"name": "[parameters('storageAccountName')]",
"location": "[resourceGroup().location]",
"tags": {
"Environment": "[parameters('tagEnvironment')]",
"Application": "[parameters('tagApplication')]",
"Project": "[parameters('tagProject')]",
"Owner": "[parameters('tagOwner')]",
"OwnerEmail": "[parameters('tagOwnerEmail')]"
},
"sku": {
"name": "[parameters('storageAccountSku')]"
},
"properties": {
"supportsHttpsTrafficOnly": true
}
}
],
"outputs": {
@ -176,23 +99,16 @@
},
"appInsightsKey": {
"type": "string",
"value": "[reference(variables('appInsightsresourceId'),variables('apiVersion')).instrumentationKey]",
"value": "[reference(variables('appInsightsresourceId'),variables('appInsightsApiVersion')).instrumentationKey]",
"metadata": {
"description": "Application Insights Resource Instrumentation Key"
}
},
"appInsightsAppId": {
"type": "string",
"value": "[reference(variables('appInsightsresourceId'),variables('apiVersion')).AppId]",
"value": "[reference(variables('appInsightsresourceId'),variables('appInsightsApiVersion')).AppId]",
"metadata": {
"description": "Application Insights Paalication Id"
}
},
"appInsightsStorageAccountName": {
"type": "string",
"value": "[variables('storageAccountName')]",
"metadata": {
"description": "Application Insights Logging Storage Account Name"
"description": "Application Insights Application Id"
}
}
}

Просмотреть файл

@ -7,8 +7,6 @@ This module deploys Application Insights.
The following Resources are deployed.
+ **Microsoft.Insights/components**
+ **Microsoft.Storage/storageAccount**
## Parameters
@ -17,14 +15,8 @@ The following Resources are deployed.
| `appInsightsName` || **Required** | Name of the Application Insights
| `appInsightsType` | web | **Optional** | Application type
| `location` | resourceGroup().location | **Optional** | Location for all Resources
| `storageAccountName` || **Required** | Storage Account Name
| `storageAccountType` | Standard_GRS | **Optional** | Storage Account sku type
| `cuaId` || **Optional** | Customer Usage Attribution Id (GUID). This GUID must be previously registered
| `tagEnvironment` || **Optional** | The name of the Environment
| `tagProject` || **Optional** | The name of the project
| `tagApplication` || **Optional** | The name of the application
| `tagOwner` || **Optional** | The business owner for the application
| `tagOwnerEmail` || **Optional** | The Email address of the business owner for the application
| `tagValues` || **Optional** | Optional. Azure Resource Tags object
## Outputs
@ -34,14 +26,12 @@ The following Resources are deployed.
| `appInsightsResourceId` | Application Insights Resource Id
| `appInsightsResourceGroup` | Application Insights ResourceGroup
| `appInsightsKey` | Application Insights Resource Instrumentation Key
| `appInsightsAppId` | Application Insights Paalication Id
| `appInsightsStorageAccountName` | Application Insights Logging Storage Account Name
| `appInsightsAppId` | Application Insights Application Id
## Scripts
| Output Name | Description |
| :- | :- |
| `application.insights.akv.secrects.ps1` | Set Application Insights KeyVault Secrets Automation Script
| `application.insights.continuous.export.ps1` | Configures Application Insights Continuous Export Configuration
## Considerations