Enterprise-Scale icon indicating copy to clipboard operation
Enterprise-Scale copied to clipboard

Published 20 hours ago verified publisher icon Azure

Incorrect automation region mapping for Log Analytics workspace in East US regions

Open krowlandson opened this issue 2 years ago • 9 comments

Describe the bug

As described in https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/issues/449, the Portal and Terraform experiences both share a common issue whereby the deployment cannot successfully link the Log Analytics workspace to the Automation Account when a user specified either the East US or East US 2 regions.

This is because of the different region pairings listed in the supported mapping docs for this.

Steps to reproduce

  1. Run through the Portal experience, selecting East US or East US 2 as the Region under the Deployment location blade.
  2. Note that validation passes (Portal validation bug?)
  3. See that the deployment succeeds (Link creation bug?)
  4. Browse to Update management for the deployed Automation Account and see that you are unable to select the deployed Log Analytics workspace

Screenshots

image

image

image

krowlandson avatar Aug 30 '22 08:08 krowlandson

cc: @autocloudarc @jtracey93

Also linking to PR: https://github.com/Azure/ALZ-Bicep/pull/97

krowlandson avatar Aug 30 '22 08:08 krowlandson

Thanks @krowlandson, is there a proposed fix or action here?

From my perspective, all we could do is:

  1. Get the pairing enabled by engineering
  2. Provide 2 region selections in the portal experience for automation and log analytics regions and let customers choose their own pairings, with a warning/note to the supported pairings doc.
  3. Wait for Update Management Center Preview to go GA and then this requirement for linking goes away?

We can also speak to the ARM/Portal experience teams to see if they could do additional validation checks to find that it actually wont pass validation as it does today.

Thoughts?

jtracey93 avatar Aug 30 '22 08:08 jtracey93

As per the Terraform module, I was planning to have the deployment template automatically set the correct region pairing. It's currently only these two which are different. Not ideal, but better than nothing.

krowlandson avatar Aug 30 '22 08:08 krowlandson

Sounds very sensible.

So if user selects East US or East US 2 then auto do the mapping for them to the correct region pairings?

jtracey93 avatar Aug 30 '22 08:08 jtracey93

Trigger ADO Sync 1

jtracey93 avatar Sep 11 '22 07:09 jtracey93

Trigger ADO Sync 2

jtracey93 avatar Sep 11 '22 07:09 jtracey93

@jtracey93 ,

Regarding option 3 as stated below in a previous response...

  1. Wait for Update Management Center Preview to go GA and then this requirement for linking goes away?

...Even when this service becomes GA, the linking of the Automation Account and the Log Analytics workspace is still required to provide other Configuration Management features such as Change Tracking and Inventory management anyway, so I'm not convinced if waiting for Update Management Center Preview would be a viable option after-all.

image

image

autocloudarc avatar Oct 19 '22 19:10 autocloudarc

@jtracey93 are we in agreement to fix this with basically the same approach as in the Terraform module?

image

https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/pull/460/files#diff-f12fde51b2517cd1da9ca8aae0ab022fc170803575c69eef6776c454dd5296d8R149-R158

Anything else we want to consider for the ARM implementation?

Also, should we implement this logic in the ARM template, or add a new input parameter and control the logic in the UI form?

krowlandson avatar Oct 20 '22 15:10 krowlandson

And thank you @autocloudarc for the additional inputs 👍🏻

krowlandson avatar Oct 20 '22 15:10 krowlandson