Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Azure add support for x-ms-AzureResourceId Header #2184

Open
floriankoch opened this issue May 19, 2020 · 1 comment · May be fixed by #2545
Open

Azure add support for x-ms-AzureResourceId Header #2184

floriankoch opened this issue May 19, 2020 · 1 comment · May be fixed by #2545
Assignees
@edsiper
Labels
enhancement

Comments

@floriankoch
Copy link

To use the resoure permission model in Azure Log Analytics, the resourceId needs to be part of the REST call via the x-ms-AzureResourceId header

This was implementet in fluentd recently
yokawasa/fluent-plugin-azure-loganalytics#17
@edsiper edsiper self-assigned this May 20, 2020
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Aug 23, 2020
out_azure: Add support for the x-ms-AzureResourceId Header fluent#2184
06165eb 
Signed-off-by: Florian Koch <[email protected]>
@floriankoch floriankoch mentioned this issue Aug 23, 2020
Closed
4 tasks
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Aug 26, 2020
out_azure: Add support for the x-ms-AzureResourceId Header fluent#2184
660006f 
Signed-off-by: Florian Koch <[email protected]>
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Aug 26, 2020
out_azure: Add support for the x-ms-AzureResourceId Header fluent#2184
faa6076 
Signed-off-by: Florian Koch <[email protected]>
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Sep 13, 2020
out_azure: Add support for resource-context access mode fluent#2184
7bf598b 
           https://docs.microsoft.com/en-us/azure/azure-monitor/platform/design-logs-deployment#access-mode)

Signed-off-by: Florian Koch <[email protected]>
@floriankoch floriankoch linked a pull request Sep 13, 2020 that will close this issue
Open
4 tasks
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Sep 14, 2020
out_azure: Add support for resource-context access mode fluent#2184
0d59212 
           https://docs.microsoft.com/en-us/azure/azure-monitor/platform/design-logs-deployment#access-mode)

Signed-off-by: Florian Koch <[email protected]>
floriankoch pushed a commit to floriankoch/fluent-bit that referenced this issue Sep 14, 2020
out_azure: Add support for resource-context access mode fluent#2184
3a7dc3e 
           https://docs.microsoft.com/en-us/azure/azure-monitor/platform/design-logs-deployment#access-mode)

Signed-off-by: Florian Koch <[email protected]>
@github-actions
Copy link
Contributor

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added Stale and removed Stale labels May 16, 2021
nif added a commit to nif/fluent-bit that referenced this issue Sep 6, 2021
@nif
out_azure: new plugin parameter "resource_id" - adds support for x-ms…
910c3e0 
…-AzureResourceId header

When AzureResourceId is defined, it will be hand over to Azure data-collector-api using
"x-ms-AzureResourceId" http header - as specified in azure documentation:

>> The resource ID of the Azure resource that the data should be associated with.
>> It populates the _ResourceId property and allows the data to be included in resource-context queries.

The documentation is available at:
https://docs.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api

_ResourceId is something like:
/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/example-rg/providers/Microsoft.Insights/components/insights-test-01
or just id of some ResourceGroup:
/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/example-rg

Log records with any _RessourceId (and also records without _RessourceId) are still visible
at the Log Analytics Workspace level. But only log records with corresponding _ResourceId
are visible at the ResourceGroup level - so it is easier to find required records later.
Also access policies can be implemented to allow user to access log records relevant
to some project but disallow access to log records from other projects.

initially suggested by Florian Koch <[email protected]>:
  fluent#2184

Signed-off-by: Evgeny Nifontov <[email protected]>
@nif nif mentioned this issue Sep 6, 2021
Closed
4 tasks
nif added a commit to nif/fluent-bit that referenced this issue Sep 6, 2021
@nif
out_azure: new plugin parameter "resource_id" - adds support for x-ms…
d395044 
…-AzureResourceId header

When AzureResourceId is defined, it will be hand over to Azure data-collector-api using
"x-ms-AzureResourceId" http header - as specified in azure documentation:

>> The resource ID of the Azure resource that the data should be associated with.
>> It populates the _ResourceId property and allows the data to be included in resource-context queries.

The documentation is available at:
https://docs.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api

_ResourceId is id of some resource in Azure:
/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/example-rg/providers/Microsoft.Insights/components/insights-test-01
or just id of some ResourceGroup:
/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/example-rg

Log records with any _RessourceId (and also records without _RessourceId) are still visible
at the Log Analytics Workspace level. But only log records with corresponding _ResourceId
are visible at the ResourceGroup level - so it is easier to find required records later.
Also access policies can be implemented to allow user to access log records relevant
to some project but disallow access to log records from other projects.

initially suggested by Florian Koch <[email protected]>:
  fluent#2184

Signed-off-by: Evgeny Nifontov <[email protected]>
@nif nif mentioned this issue Sep 6, 2021
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@edsiper edsiper

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

out_azure: Add support for resource-context access mode #2184 floriankoch/fluent-bit
2 participants
@edsiper @floriankoch