Recently I’ve came into the following situation. I needed to store a json as Azure Automation string variable. To do that is easy as you just need to pass the json as text by first escaping it. That is easy peasy when using PowerShell. But what if you want to pass the json as object parameter via ARM template parameters file and do the escape completely within the ARM template. Apparently that is possible as well and I will show you how.
My good friend and fellow MVP Tao Yang wrote a great post on Using ARM Templates to Deploying Azure Policy Definitions That Requires Input Parameters. Azure Policy has two terms that you should be aware:
- Policy Definition – This is the policy itself. This is the definition of what will be governed. The policy definition when created does not do anything until it is assigned. There are policy definitions available out of the box (created by Microsoft) and such that can be created on your own. Out of box policies are of type built-in and the ones created by you are custom.
- Policy Assignment – This assigns policy definition to be applied at specific level like subscription, management group or resource group.
While discussing Azure/OMS topics in the community I often see incorrect usage of OMS (Operations Management Suite). That is understandable of course as Microsoft hasn’t done good job at clearing out all the terms but I still think we should be using the correct term when posting questions or discussing OMS in forums and other sites. This can help us communicate better between each other and especially in forums could result to answering question faster. As we the move from OMS Portal to Azure Portal it was about time to write this blog post which I’ve intended to do for quite some time but always delayed due to different circumstances.
For quite some time it was clear that the OMS Portal will move completely to Azure and that is good news. We have seen services like Update Management, Azure Security Center (Security & Audit solution is part of it) releasing new functionalities only in Azure Portal. In fact some services that have been part of OMS (OMS is a suite not a product or service) have always been in Azure Portal. Such services are Azure Backup, Site Recovery, Application Insights, etc. Microsoft has documented OMS Portal deprecation but I would like to add some things to the ones documented there:
Log Analytics alerts aka Azure Log Search Alerts allows you to create a single alert and trigger alert instances per a column. This is possible by creating metric measurement alert. Unfortunately these types of alerts also have a limitation which might be blocking in certain situation. The classical example for that limitation is to create a single alert that will separate instance for free disk space threshold for each computer and disk. The query representation of that looks like this: