Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Microsoft.Security workspaceSettings
Bicep resource definition
The workspaceSettings resource type can be deployed with operations that target:
- Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/workspaceSettings resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Security/workspaceSettings@2017-08-01-preview' = {
name: 'string'
properties: {
scope: 'string'
workspaceId: 'string'
}
}
Property Values
Microsoft.Security/workspaceSettings
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Workspace setting data | WorkspaceSettingProperties |
WorkspaceSettingProperties
| Name | Description | Value |
|---|---|---|
| scope | All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope | string (required) |
| workspaceId | The full Azure ID of the workspace to save the data in | string (required) |
Usage Examples
Bicep Samples
A basic example of deploying subscription's Security Center Workspace.
targetScope = 'subscription'
param resourceName string = 'acctest0001'
param location string = 'westeurope'
resource resourceGroup 'Microsoft.Resources/resourceGroups@2020-06-01' = {
name: resourceName
location: location
}
resource workspaceSetting 'Microsoft.Security/workspaceSettings@2017-08-01-preview' = {
name: 'default'
properties: {
scope: '/subscriptions/${subscription().subscriptionId}'
workspaceId: module1.outputs.workspaceId
}
}
module module1 'main-rg-module.bicep' = {
name: 'deploy-rg-resources'
scope: resourceGroup
params: {
resourceName: resourceName
location: location
}
}
A basic example of deploying subscription's Security Center Workspace.
param resourceName string = 'acctest0001'
param location string = 'westeurope'
resource workspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
name: resourceName
location: location
properties: {
features: {
disableLocalAuth: false
enableLogAccessUsingOnlyResourcePermissions: true
}
publicNetworkAccessForIngestion: 'Enabled'
publicNetworkAccessForQuery: 'Enabled'
retentionInDays: 30
sku: {
name: 'PerGB2018'
}
workspaceCapping: {
dailyQuotaGb: -1
}
}
}
// Module outputs for cross-scope references
output workspaceId string = workspace.id
ARM template resource definition
The workspaceSettings resource type can be deployed with operations that target:
- Subscription - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/workspaceSettings resource, add the following JSON to your template.
{
"type": "Microsoft.Security/workspaceSettings",
"apiVersion": "2017-08-01-preview",
"name": "string",
"properties": {
"scope": "string",
"workspaceId": "string"
}
}
Property Values
Microsoft.Security/workspaceSettings
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2017-08-01-preview' |
| name | The resource name | string (required) |
| properties | Workspace setting data | WorkspaceSettingProperties |
| type | The resource type | 'Microsoft.Security/workspaceSettings' |
WorkspaceSettingProperties
| Name | Description | Value |
|---|---|---|
| scope | All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope | string (required) |
| workspaceId | The full Azure ID of the workspace to save the data in | string (required) |
Usage Examples
Terraform (AzAPI provider) resource definition
The workspaceSettings resource type can be deployed with operations that target:
- Subscription
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/workspaceSettings resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Security/workspaceSettings@2017-08-01-preview"
name = "string"
parent_id = "string"
body = {
properties = {
scope = "string"
workspaceId = "string"
}
}
}
Property Values
Microsoft.Security/workspaceSettings
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Workspace setting data | WorkspaceSettingProperties |
| type | The resource type | "Microsoft.Security/workspaceSettings@2017-08-01-preview" |
WorkspaceSettingProperties
| Name | Description | Value |
|---|---|---|
| scope | All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope | string (required) |
| workspaceId | The full Azure ID of the workspace to save the data in | string (required) |
Usage Examples
Terraform Samples
A basic example of deploying subscription's Security Center Workspace.
terraform {
required_providers {
azapi = {
source = "Azure/azapi"
}
azurerm = {
source = "hashicorp/azurerm"
}
}
}
provider "azurerm" {
features {
}
}
provider "azapi" {
skip_provider_registration = false
}
variable "resource_name" {
type = string
default = "acctest0001"
}
variable "location" {
type = string
default = "westeurope"
}
data "azurerm_client_config" "current" {
}
resource "azapi_resource" "resourceGroup" {
type = "Microsoft.Resources/resourceGroups@2020-06-01"
name = var.resource_name
location = var.location
}
resource "azapi_resource" "workspace" {
type = "Microsoft.OperationalInsights/workspaces@2022-10-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
location = var.location
body = {
properties = {
features = {
disableLocalAuth = false
enableLogAccessUsingOnlyResourcePermissions = true
}
publicNetworkAccessForIngestion = "Enabled"
publicNetworkAccessForQuery = "Enabled"
retentionInDays = 30
sku = {
name = "PerGB2018"
}
workspaceCapping = {
dailyQuotaGb = -1
}
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}
resource "azapi_resource" "workspaceSetting" {
type = "Microsoft.Security/workspaceSettings@2017-08-01-preview"
parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
name = "default"
body = {
properties = {
scope = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
workspaceId = azapi_resource.workspace.id
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}
Feedback
Was this page helpful?