Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support to disable Diagnostics settings (classic) of Storage Account in Bicep #2321

Open
vienleidl opened this issue Oct 10, 2024 · 2 comments
Open

Support to disable Diagnostics settings (classic) of Storage Account in Bicep #2321

vienleidl opened this issue Oct 10, 2024 · 2 comments

Comments

@vienleidl
Copy link

vienleidl commented Oct 10, 2024
edited
Loading

Issue
Diagnostics are enabled by default on new storage accounts created from the Azure portal, PowerShell and Azure Bicep. In the diagnostic settings (classic) blade, hour metrics are always enabled by default for blob, file, table & queue services, on the new-created Storage Account.

Expected solution
It would be better if we can turn diagnostics on or off by using Azure Bicep.

Image
@vienleidl vienleidl changed the title Disable Azure Storage Analytics diagnostics with Bicep Support to disable Diagnostics settings (classic) of Storage Account in Bicep Oct 10, 2024
@vienleidl vienleidl mentioned this issue Oct 10, 2024
Closed
@jikuja
Copy link

jikuja commented Oct 11, 2024

Looks like this settings in on data layer => not modifiable with ARM/Bicep directly.

E.g. Disable blob metrics is PUT request on https://xxxxxxx.blob.core.windows.net/?restype=service&comp=properties&_=1728627741675&sv=2022-11-02&ss=bqtf&srt=sco&sp=rwdlacuptfxiy&se=2024-10-11T14:18:58Z&sig=XXXXXXX

with payload of

<?xml version="1.0"?>
<StorageServiceProperties>
  <Logging>
    <Version>1.0</Version>
    <Read>false</Read>
    <Write>false</Write>
    <Delete>false</Delete>
    <RetentionPolicy>
      <Enabled>false</Enabled>
    </RetentionPolicy>
  </Logging>
  <HourMetrics>
    <Version>1.0</Version>
    <Enabled>false</Enabled>
    <RetentionPolicy>
      <Enabled>false</Enabled>
    </RetentionPolicy>
  </HourMetrics>
  <MinuteMetrics>
    <Version>1.0</Version>
    <Enabled>false</Enabled>
    <RetentionPolicy>
      <Enabled>false</Enabled>
    </RetentionPolicy>
  </MinuteMetrics>
</StorageServiceProperties>

Even classic metric persist in on by default, it does save metrics because Azure Storage will retire classic metrics on January 9, 2024. To transition to Azure Monitor metrics, see[Azure Storage metrics migration](https://learn.microsoft.com/azure/storage/common/storage-metrics-migration?WT.mc_id=Portal-Microsoft_Azure_Storage)

Default state on portal:
Image

Default state XML:

<?xml version="1.0" encoding="utf-8"?>
<StorageServiceProperties>
  <Logging>
    <Version>1.0</Version>
    <Read>false</Read>
    <Write>false</Write>
    <Delete>false</Delete>
    <RetentionPolicy>
      <Enabled>false</Enabled>
    </RetentionPolicy>
  </Logging>
  <HourMetrics>
    <Version>1.0</Version>
    <Enabled>true</Enabled>
    <IncludeAPIs>true</IncludeAPIs>
    <RetentionPolicy>
      <Enabled>true</Enabled>
      <Days>7</Days>
    </RetentionPolicy>
  </HourMetrics>
  <MinuteMetrics>
    <Version>1.0</Version>
    <Enabled>false</Enabled>
    <RetentionPolicy>
      <Enabled>false</Enabled>
    </RetentionPolicy>
  </MinuteMetrics>
  <Cors/>
  <DeleteRetentionPolicy>
    <Enabled>true</Enabled>
    <Days>30</Days>
    <AllowPermanentDelete>false</AllowPermanentDelete>
  </DeleteRetentionPolicy>
  <StaticWebsite>
    <Enabled>false</Enabled>
  </StaticWebsite>
</StorageServiceProperties>

Bicep/ARM folks are probably going to ask if you have opened support request because this is fixable on by the product group / on resource provider.

@vienleidl
Copy link
Author

vienleidl commented Oct 11, 2024
edited
Loading

Long time ago, after the Storage Account had been newly created, the Storage logging data ($log blob container) were recorded accordingly. Now only Hour metrics are enabled by default for those 4 storage services.

Image

I have to run the following PowerShell script to turn off those Storage Analytics metrics after the Storage Accounts have been created with Bicep templates,

Write-Host "Starting the process to turn off Diagnostic settings (classic) of related Storage Accounts..." -ForegroundColor Green
$StorageAccounts = (Get-AzStorageAccount -ResourceGroupName $ResourceGroupName)

ForEach ($StorageAccount in $StorageAccounts) {  
    $StorageContext = $StorageAccount.Context
    Write-Host "Turning off the Diagnostic settings (classic) of the Storage Account: $($StorageAccount.StorageAccountName)" -ForegroundColor Blue
    Set-AzStorageServiceMetricsProperty -MetricsType Hour -MetricsLevel None -Context $StorageContext -ServiceType Blob
    Set-AzStorageServiceMetricsProperty -MetricsType Hour -MetricsLevel None -Context $StorageContext -ServiceType File
    Set-AzStorageServiceMetricsProperty -MetricsType Hour -MetricsLevel None -Context $StorageContext -ServiceType Table
    Set-AzStorageServiceMetricsProperty -MetricsType Hour -MetricsLevel None -Context $StorageContext -ServiceType Queue
}

TBH, I don't understand what the retirement of classic metrics (Storage Analytics metrics) means 😉, because as of now I can see it is still enabled by default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Bicep
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jikuja @vienleidl