diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8277362756..11b24ab63e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,7 +13,7 @@ FEATURES:
 ENHANCEMENTS:
-*
+* Adding Log Analytics & Antimalware VM extensions ([#2520](https://github.com/microsoft/AzureTRE/pull/2520))
 BUG FIXES:
diff --git a/resource_processor/_version.py b/resource_processor/_version.py
index f6b7e267c1..cd1ee63b76 100644
--- a/resource_processor/_version.py
+++ b/resource_processor/_version.py
@@ -1 +1 @@
-__version__ = "0.4.3"
+__version__ = "0.4.4"
diff --git a/resource_processor/shared/logging.py b/resource_processor/shared/logging.py
index 712964144c..c0887fe993 100644
--- a/resource_processor/shared/logging.py
+++ b/resource_processor/shared/logging.py
@@ -131,6 +131,8 @@ def shell_output_logger(console_output: str, prefix_item: str, logger: logging.L
 logging.debug("shell console output is empty.")
 return
+ console_output = console_output.strip()
+
 if (logging_level != logging.INFO
 and len(console_output) < 200
 and console_output.startswith("Unable to find image '")
diff --git a/templates/core/terraform/admin-jumpbox.tf b/templates/core/terraform/admin-jumpbox.tf
index d6d5054217..cd331423fa 100644
--- a/templates/core/terraform/admin-jumpbox.tf
+++ b/templates/core/terraform/admin-jumpbox.tf
@@ -79,3 +79,16 @@ SETTINGS
 data "template_file" "vm_config" {
 template = file("${path.module}/admin-jumpbox-configure.ps1")
 }
+
+resource "azurerm_virtual_machine_extension" "antimalware" {
+ virtual_machine_id = azurerm_windows_virtual_machine.jumpbox.id
+ name = "${azurerm_windows_virtual_machine.jumpbox.name}-AntimalwareExtension"
+ publisher = "Microsoft.Azure.Security"
+ type = "IaaSAntimalware"
+ type_handler_version = "1.3"
+ auto_upgrade_minor_version = true
+
+ settings = jsonencode({
+ "AntimalwareEnabled" = true
+ })
+}
diff --git a/templates/core/terraform/azure-monitor/outputs.tf b/templates/core/terraform/azure-monitor/outputs.tf
index a568378b7a..009e552319 100644
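Review bot: The added `console_output = console_output.strip()` runs after the emptiness guard whose `return` is the context line just above it, so output consisting only of whitespace passes that guard and becomes empty only afterwards. The guard's condition is outside the hunk, so this is inferred from the visible debug message; if it is a plain truthiness test, moving the strip ahead of it, or repeating `if not console_output: return` after the strip, keeps empty entries out of the log. shell_output_logger starts and ends outside the hunk.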
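Review bot: The `settings` of the new `antimalware` extension set only `AntimalwareEnabled`, so real-time protection and scheduled scanning on the jumpbox are left to whatever the handler defaults to, and `auto_upgrade_minor_version = true` means that handler can change without a commit. Stating the intended posture in the block, for example `"RealtimeProtectionEnabled" = "true"` plus a `"ScheduledScanSettings"` object, makes it reviewable and keeps it stable across handler upgrades. Nothing visible in this hunk forwards the extension's detections to the Log Analytics workspace this commit wires up elsewhere; a comment above the resource saying where those events are expected to land would help whoever triages them.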
--- a/templates/core/terraform/azure-monitor/outputs.tf
+++ b/templates/core/terraform/azure-monitor/outputs.tf
@@ -9,3 +9,11 @@ output "log_analytics_workspace_id" {
 output "log_analytics_workspace_name" {
 value = azurerm_log_analytics_workspace.core.name
 }
+
+output "log_analytics_workspace_primary_key" {
+ value = azurerm_log_analytics_workspace.core.primary_shared_key
+}
+
+output "log_analytics_workspace_workspace_id" {
+ value = azurerm_log_analytics_workspace.core.workspace_id
+}
diff --git a/templates/core/terraform/main.tf b/templates/core/terraform/main.tf
index c9a830e36b..c16d659d83 100644
--- a/templates/core/terraform/main.tf
+++ b/templates/core/terraform/main.tf
@@ -152,6 +152,8 @@ module "resource_processor_vmss_porter" {
 subscription_id = var.arm_subscription_id
 resource_processor_number_processes_per_instance = var.resource_processor_number_processes_per_instance
 resource_processor_vmss_sku = var.resource_processor_vmss_sku
+ log_analytics_workspace_workspace_id = module.azure_monitor.log_analytics_workspace_workspace_id
+ log_analytics_workspace_primary_key = module.azure_monitor.log_analytics_workspace_primary_key
 depends_on = [
 module.network,
diff --git a/templates/core/terraform/resource_processor/vmss_porter/main.tf b/templates/core/terraform/resource_processor/vmss_porter/main.tf
index f41a7fa8a3..b345f85baa 100644
--- a/templates/core/terraform/resource_processor/vmss_porter/main.tf
+++ b/templates/core/terraform/resource_processor/vmss_porter/main.tf
@@ -66,11 +66,14 @@ resource "azurerm_linux_virtual_machine_scale_set" "vm_linux" {
 tags = local.tre_core_tags
 extension {
- auto_upgrade_minor_version = false
+ auto_upgrade_minor_version = true
 automatic_upgrade_enabled = false
 name = "healthRepairExtension"
 provision_after_extensions = []
 publisher = "Microsoft.ManagedServices"
+ type = "ApplicationHealthLinux"
+ type_handler_version = "1.0"
+
 settings = jsonencode(
 {
 port = 8080
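Review bot: The new `log_analytics_workspace_primary_key` output exports the workspace shared key without `sensitive = true`, so the module states nowhere that this value is a secret and how it is treated in plan and CLI output is left to provider marking and the Terraform version in use. Adding `sensitive = true` to that output makes the handling explicit. The same gap is in the `vmss_porter/variables.tf` hunk, where `variable "log_analytics_workspace_primary_key" {}` has neither a type nor a sensitivity flag; `type = string` and `sensitive = true` would fit there if the pinned Terraform version supports sensitive variables. A one-line comment on the output that the key grants ingestion access to the workspace and is stored in state would also help reviewers of later changes.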
@@ -78,8 +81,25 @@ resource "azurerm_linux_virtual_machine_scale_set" "vm_linux" {
 requestPath = "/health"
 }
 )
- type = "ApplicationHealthLinux"
- type_handler_version = "1.0"
+ }
+
+ extension {
+ auto_upgrade_minor_version = true
+ automatic_upgrade_enabled = false
+ name = "OmsAgentForLinux"
+ publisher = "Microsoft.EnterpriseCloud.Monitoring"
+ type = "OmsAgentForLinux"
+ type_handler_version = "1.0"
+
+ protected_settings = jsonencode({
+ "workspaceKey" = "${var.log_analytics_workspace_primary_key}"
+ })
+
+ settings = jsonencode({
+ "workspaceId" = "${var.log_analytics_workspace_workspace_id}",
+ "stopOnMultipleConnections" = false
+ "skipDockerProviderInstall" = true
+ })
 }
 automatic_os_upgrade_policy {
diff --git a/templates/core/terraform/resource_processor/vmss_porter/variables.tf b/templates/core/terraform/resource_processor/vmss_porter/variables.tf
index f54d7ed07b..34a188de5b 100644
--- a/templates/core/terraform/resource_processor/vmss_porter/variables.tf
+++ b/templates/core/terraform/resource_processor/vmss_porter/variables.tf
@@ -21,3 +21,6 @@ variable "subscription_id" {
 type = string
 default = ""
 }
+
+variable "log_analytics_workspace_workspace_id" {}
+variable "log_analytics_workspace_primary_key" {}
diff --git a/templates/core/version.txt b/templates/core/version.txt
index 8f584e6225..b4ed79e09d 100644
--- a/templates/core/version.txt
+++ b/templates/core/version.txt
@@ -1 +1 @@
-__version__ = "0.4.19"
+__version__ = "0.4.20"
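Review bot: The new `OmsAgentForLinux` extension block wraps both inputs in interpolation-only strings, which has been redundant since Terraform 0.12; `"workspaceKey" = var.log_analytics_workspace_primary_key` and `"workspaceId" = var.log_analytics_workspace_workspace_id` say the same thing. The `settings` object also has a comma after the `workspaceId` entry but none after the next one, so one separator style should be picked. Keeping `workspaceKey` in `protected_settings` rather than `settings` is the right placement, but the key is still written to Terraform state, so a comment above the block noting that rotating the workspace key requires a re-apply of this scale set would save the next operator a search. The enclosing `azurerm_linux_virtual_machine_scale_set` resource starts and ends outside the hunk.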