Closed mounikakandagadda29 closed 3 months ago
@mounikakandagadda29 By definition, the log_analytics_workspace_id
wants a log analytics workspace.
Closing since per @magodo's comment above, this is expected behaviour as we're expecting a Log Analytics Workspace ID to be provided for this field, but a Logic App Workflow is being specified here instead - and as such this can be fixed by specifying the Log Analytics Workspace to use.
Thanks!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Is there an existing issue for this?
Community Note
Terraform Version
0.13.5
AzureRM Provider Version
3.105.0
Affected Resource(s)/Data Source(s)
azurerm
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
i only have microsoft.logic in my workspace id, but it asking me for microsoft operationalInsights
Actual Behaviour
it is giving an error.
Steps to Reproduce
resource "azurerm_sentinel_automation_rule" "send_incident_to_soc" { name = "ebd13114-37d9-46dc-af18-08bda8d09e91" log_analytics_workspace_id = "/subscriptions/ebd13114-37d9-46dc-af18-08bda8d09e91/resourceGroups/rg-informationsecurity-production-eastus2-sentinel/providers/Microsoft.Logic/workflows/Roy-Send-Incident"
Important Factoids
No response
References
No response