Azure Diagnostic settings multi region support

Share This Post

Everyone has heard of “Mission Critical” in Azure, Which describes that an application needs to be deployed in one or more regions within Azure to have 100% redundancy. For example, an application is deployed in West and North Europe. It brings us to the next problem, what if diagnostic settings have another Log Analytics Workspace per region?

1) Azure Policy multi region

Azure Policy is a powerful solution to define and even automate certain facets of the Azure Tenant. For example, you can adjust settings, activate, deactivate, and even customise additional features on Azure resources using remediation tasks.

We have created a Diagnostic Settings policy for each resource we use. It will automatically adjust these settings on the resource itself. However, developing a specific policy for the most common resources is recommended because if you want to do this for all resources in Azure, this will mean working for an entire year.

It is better to start with the most commonly used ones within the organisation and create new policies as this list expands.

TIP: Think carefully about the hierarchy of the management groups and where you place the assignments of these policies. Developing governance within the organisation is the first step towards a successful Cloud Journey!

2) Policy solution for multi region diagnostic settings

Find the code below for the policy validation:

 "existenceCondition": {
                "allOf": [
                    {
                        "field": "Microsoft.Insights/diagnosticSettings/logs.enabled",
                        "equals": "True"
                    },
                    {
                        "field": "Microsoft.Insights/diagnosticSettings/metrics.enabled",
                        "equals": "True"
                    },
                    {
                        "field": "Microsoft.Insights/diagnosticSettings/workspaceId",
                        "matchInsensitively": "if(equals(parameters('location'), 'westeurope'), 
                         parameters('logAnalytics'), parameters('logAnalyticsNeur'))"
                    }
                ]
            },

For the workspace id use the following if-else statement:

    "workspaceId": "[if(equals(parameters('location'), 'westeurope'), parameters('logAnalytics'), parameters('logAnalyticsNeur'))]",

If you want a different name for the Diagnostic settings per region use the code below:

"name": "[concat(parameters('resourceName'), '/', 'Microsoft.Insights/', if(equals(parameters('location'), 'westeurope'), parameters('profileName'), parameters('profileNameNeur')))]",

Sources:

More To Explore

Odoo – Inheritance view custom footer

The first task is to find out why the customer needs different logo’s or styles in the documents. In this case, it is because the

Jeroen Branders 1 maart 2024

Azure Kubernetes security common misconceptions

Azure Kubernetes Service (AKS) has emerged as a leading platform for container orchestration, offering scalability (with Keda), flexibility, and an easy management panel. However, like

Jeroen Branders 30 december 2023