Skip to content

azurermSentinelLogAnalyticsWorkspaceOnboarding

Manages a Security Insights Sentinel Onboarding.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermLogAnalyticsWorkspaceExample =
  new azurerm.logAnalyticsWorkspace.LogAnalyticsWorkspace(this, "example_1", {
    location: azurermResourceGroupExample.location,
    name: "example-law",
    resource_group_name: azurermResourceGroupExample.name,
    sku: "PerGB2018",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLogAnalyticsWorkspaceExample.overrideLogicalId("example");
const azurermSentinelLogAnalyticsWorkspaceOnboardingExample =
  new azurerm.sentinelLogAnalyticsWorkspaceOnboarding.SentinelLogAnalyticsWorkspaceOnboarding(
    this,
    "example_2",
    {
      customer_managed_key_enabled: false,
      resource_group_name: azurermResourceGroupExample.name,
      workspace_name: azurermLogAnalyticsWorkspaceExample.name,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSentinelLogAnalyticsWorkspaceOnboardingExample.overrideLogicalId(
  "example"
);

Arguments Reference

The following arguments are supported:

  • resourceGroupName - (Required) Specifies the name of the Resource Group where the Security Insights Sentinel Onboarding States should exist. Changing this forces the Log Analytics Workspace off the board and onboard again.

  • workspaceName - (Required) Specifies the Workspace Name. Changing this forces the Log Analytics Workspace off the board and onboard again. Changing this forces a new resource to be created.

  • customerManagedKeyEnabled - (Optional) Specifies if the Workspace is using Customer managed key. Defaults to false. Changing this forces a new resource to be created.

-> Note: To set up Microsoft Sentinel customer-managed key it needs to enable CMK on the workspace and add access policy to your Azure Key Vault. Details could be found on this document

-> Note: Once a workspace is onboarded to Microsoft Sentinel with customerManagedKeyEnabled set to true, it will not be able to be onboarded again with customerManagedKeyEnabled set to false.

Attributes Reference

In addition to the Arguments listed above - the following Attributes are exported:

  • id - The ID of the Security Insights Sentinel Onboarding States.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Security Insights Sentinel Onboarding States.
  • read - (Defaults to 5 minutes) Used when retrieving the Security Insights Sentinel Onboarding States.
  • delete - (Defaults to 30 minutes) Used when deleting the Security Insights Sentinel Onboarding States.

Import

Security Insights Sentinel Onboarding States can be imported using the resourceId, e.g.

terraform import azurerm_security_insights_sentinel_onboarding.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourceGroup1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/onboardingStates/defaults