I'm currently using bicep to deploy NSG flow log with Traffic Analytics
I'm using the below BICEP template to create NSG Flow Log with Traffic Analytics.
```bicep
targetScope = 'resourceGroup'

@description('Name of the Network Watcher attached to your subscription')
param networkWatcherName string = 'NetworkWatcher_${location}'

@description('Name of your Flow log resource')
param flowLogName1 string = 'Microsoft.NetworkVisual_Studio_Subscription_NSGNSG_10.0.0.64_27'
param flowLogName2 string = 'Microsoft.NetworkVisual_Studio_Subscription_NSGNSG_10.0.0.96_27'
param flowLogName3 string = 'Microsoft.NetworkVisual_Studio_Subscription_NSGNSG_10.0.0.128_27'

@description('Region where you resources are located')
param location string = resourceGroup().location

@description('Resource ID of the target NSG')
param existingNSG1 string = '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.64_27'
param existingNSG2 string = '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.96_27'
param existingNSG3 string = '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.128_27'

@description('Log analytics workspace resource Guid')
param workspaceId string = 'xxxxxx'

@description('Log analytics workspace region')
param workspaceRegion string = 'northcentralus'

@description('Log analytics workspace resource id')
param workspaceResourceId string = '/subscriptions/xxxxx/resourceGroups/xxxxx/providers/Microsoft.OperationalInsights/workspaces/xxxxx'

@description('Retention period in days. Default is zero which stands for permanent retention. Can be any Integer from 0 to 365')
@minValue(0)
@maxValue(365)
param retentionDays int = 0

@description('FlowLogs Version. Correct values are 1 or 2 (default)')
@allowed([
  1
  2
])
param flowLogsVersion int = 2

@description('Storage Account type')
@allowed([
  'Standard_LRS'
  'Standard_GRS'
  'Standard_ZRS'
])
param storageAccountType string = 'Standard_LRS'

@description('Storage Account Name')
param storageAccountName string = 'flowlogs${uniqueString(resourceGroup().id)}'

@description('Storage Account ID')
param storageId string = '/subscriptions/xxxx/resourceGroups/MuraliRG/providers/Microsoft.Storage/storageAccounts/xxxxx'

resource sa 'Microsoft.Storage/storageAccounts@2022-05-01' = {
  name: storageAccountName
  location: location
  sku: {
    name: storageAccountType
  }
  kind: 'StorageV2'
  properties: {}
}

resource networkWatcher 'Microsoft.Network/networkWatchers@2019-11-01' = {
  name: networkWatcherName
  location: location
  properties: {}
}

resource flowLog 'Microsoft.Network/networkWatchers/flowLogs@2022-01-01' = {
  parent: networkWatcher
  name: flowLogName1
  location: location
  properties: {
    enabled: true
    flowAnalyticsConfiguration: {
      networkWatcherFlowAnalyticsConfiguration: {
        enabled: true
        trafficAnalyticsInterval: 60
        workspaceId: workspaceId
        workspaceRegion: workspaceRegion
        workspaceResourceId: workspaceResourceId
      }
    }
    retentionPolicy: {
      days: retentionDays
      enabled: true
    }
    format: {
      type: 'JSON'
      version: flowLogsVersion
    }
    targetResourceId: existingNSG1
    storageId: storageId
  }
}
```
I have a doubt about how to enter the values of multiple NSG IDs. For example, if I have 100+ NSGs in a subscription, how do I enter all the NSG ID values? Bicep is giving a condition "You are limited to 256 parameters in a Bicep file". Kindly advise on how to solve this issue.
As suggested by @Thomas, you can create an array to store all existing NSG Ids and provide them to the network watcher resource using a for loop. I tried achieving your requirement by referring to the sample template from MS Doc and was successful as shown.

Refer here for multiple ways of traversing the for loop in Bicep.
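
The array-plus-loop approach described in the answer, as an added example (not the answerer's own template): a single array parameter holds every NSG resource ID, so the 256-parameter limit no longer applies, and one flow log is created per entry so that no NSG is left without logging. The parameter name `nsgIds` and the `flowlog-<NSG name>` naming scheme are assumptions; the other parameters and API versions come from the question's template, and the IDs are the question's placeholders.

```bicep
targetScope = 'resourceGroup'

@description('Resource IDs of every NSG that needs a flow log (assumed parameter name; placeholder values)')
param nsgIds array = [
  '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.64_27'
  '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.96_27'
  '/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.Network/networkSecurityGroups/NSG_10.0.0.128_27'
]
param location string = resourceGroup().location
param networkWatcherName string = 'NetworkWatcher_${location}'
param storageId string
param workspaceId string
param workspaceRegion string
param workspaceResourceId string
param retentionDays int = 0
param flowLogsVersion int = 2

resource networkWatcher 'Microsoft.Network/networkWatchers@2019-11-01' = {
  name: networkWatcherName
  location: location
  properties: {}
}

// One flow log per array element. The name is derived from the last segment
// of the NSG resource ID (the NSG name), so no per-NSG name parameter is needed.
resource flowLogs 'Microsoft.Network/networkWatchers/flowLogs@2022-01-01' = [for nsgId in nsgIds: {
  parent: networkWatcher
  name: 'flowlog-${last(split(nsgId, '/'))}'
  location: location
  properties: {
    enabled: true
    targetResourceId: nsgId
    storageId: storageId
    flowAnalyticsConfiguration: {
      networkWatcherFlowAnalyticsConfiguration: {
        enabled: true
        trafficAnalyticsInterval: 60
        workspaceId: workspaceId
        workspaceRegion: workspaceRegion
        workspaceResourceId: workspaceResourceId
      }
    }
    retentionPolicy: { days: retentionDays, enabled: true }
    format: { type: 'JSON', version: flowLogsVersion }
  }
}]

// Lets a reviewer confirm that the number of flow logs matches the number of NSGs.
output flowLogNames array = [for (nsgId, i) in nsgIds: flowLogs[i].name]
```

For 100+ NSGs the array is easier to maintain in a parameters file than as an inline default.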