functions/KeyVault.ps1
function Get-SpqKeyVault { Param( [parameter(Mandatory = $true)] [string] $ApplicationCode, [parameter(Mandatory = $true)] [string] $EnvironmentName, [parameter(Mandatory = $true)] [string] $Location, [parameter(Mandatory = $false)] [string] $UniqueNamePhrase = $null, [parameter(Mandatory = $false)] [string] $ExceptionGuid, [parameter(Mandatory = $false)] [string] $LogAnalyticsResourceGroupName = "", [parameter(Mandatory = $false)] [string] $LogAnalyticsWorkspaceName = "" ) $keyVaultName = Get-SpqResourceName ` -ApplicationCode $ApplicationCode ` -EnvironmentName $EnvironmentName ` -UniqueNamePhrase $UniqueNamePhrase ` -ServiceTypeName "Microsoft.KeyVault/vaults" ` -Location $Location $keyVaultDiagnosticsSettingName = $keyVaultName + "-diagsett" $diagnosticSettingJson = ' { "type": "providers/diagnosticSettings", "name": "Microsoft.Insights/' + $keyVaultDiagnosticsSettingName + '", "dependsOn": [ "[resourceId(''Microsoft.KeyVault/vaults'', ''' + $keyVaultName + ''')]" ], "apiVersion": "2017-05-01-preview", "properties": { "name": "' + $keyVaultDiagnosticsSettingName + '", "workspaceId": "[resourceId(''' + $LogAnalyticsResourceGroupName + ''', ''microsoft.operationalinsights/workspaces'', ''' + $LogAnalyticsWorkspaceName + ''')]", "metrics": [ { "category": "AllMetrics", "enabled": true } ], "logs": [ { "category": "AuditEvent", "enabled": true } ] } } ' $diagnosticSettingObj = ConvertFrom-Json $diagnosticSettingJson $json = ' { "type": "Microsoft.KeyVault/vaults", "name": "' + $keyVaultName + '", "apiVersion": "2015-06-01", "location": "' + $Location + '", "properties": { "sku": { "family": "A", "name": "Standard" }, "tenantId": "[subscription().tenantId]", "enabledForTemplateDeployment": "true", "accessPolicies": [] }, "resources": [ ] } ' $obj = ConvertFrom-Json $json if ($LogAnalyticsResourceGroupName -ne "") { $obj.resources += $diagnosticSettingObj } return $obj } |