Description
The FlowLog feature was created around 3 years ago. It allows customers to view information about ingress and egress IP traffic through an NSG. It used to be a proxy child resource of NetworkWatcher. Customers could enable/disable it using the POST ConfigureFlowLog call. The problem with this approach was that customers couldn't deploy flowLogs through templates and couldn't easily track and update them.
So, it was decided to make flowLog a tracked ARM resource and add PUT/GET/DELETE operations.
Now we need to add corresponding cmdlets for CREATE/GET and DELETE.
Parameters for CREATE cmdlet should be the same as for this cmdlet: https://docs.microsoft.com/en-us/cli/azure/network/watcher/flow-log?view=azure-cli-latest#az-network-watcher-flow-log-configure
Here is documentation on existing cmdlets (for POST calls): https://docs.microsoft.com/en-us/cli/azure/network/watcher/flow-log?view=azure-cli-latest
Starting from: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkWatchers/{networkWatcherName}/flowLogs/{flowLogName}": {
And here is an example of the PUT operation: https://github.com/Azure/azure-rest-api-specs/blob/master/specification/network/resource-manager/Microsoft.Network/stable/2019-11-01/examples/NetworkWatcherFlowLogCreate.json
ETA
First half of March
Additional context
- One problem we encountered during discussion is what we should do about the current az network watcher flow-log show cmdlet. Right now on the backend it makes a POST call and returns this object:
{
  "targetResourceId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/cleanupservice/providers/Microsoft.Network/networkSecurityGroups/rg-cleanupservice-nsg5",
  "properties": {
    "storageId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/MyCanaryFlowLog/providers/Microsoft.Storage/storageAccounts/immutablelogfltestsa",
    "enabled": true,
    "retentionPolicy": {
      "days": 0,
      "enabled": false
    },
    "format": {
      "type": "JSON",
      "version": 1
    }
  },
  "flowAnalyticsConfiguration": {
    "networkWatcherFlowAnalyticsConfiguration": {
      "enabled": false,
      "workspaceId": "a9ea48c6-2184-419a-9e39-31a913279979",
      "workspaceRegion": "eastus",
      "workspaceResourceId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourcegroups/flowlogsv2demo/providers/microsoft.operationalinsights/workspaces/hossamws",
      "trafficAnalyticsInterval": 60
    }
  }
}
In the new cmdlet for the GET call, we need it to return:
{
  "name": "Microsoft.Networkcleanupservicerg-cleanupservice-nsg5",
  "id": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus2euap/FlowLogs/Microsoft.Networkcleanupservicerg-cleanupservice-nsg5",
  "etag": "W/\"149be128-02f3-4165-a8b2-3204792e425c\"",
  "properties": {
    "provisioningState": "Failed",
    "targetResourceId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/cleanupservice/providers/Microsoft.Network/networkSecurityGroups/rg-cleanupservice-nsg5",
    "targetResourceGuid": "fedd4848-4ce8-49ae-b308-824efdc42b14",
    "storageId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/MyCanaryFlowLog/providers/Microsoft.Storage/storageAccounts/immutablelogfltestsa",
    "enabled": true,
    "flowAnalyticsConfiguration": {
      "networkWatcherFlowAnalyticsConfiguration": {
        "enabled": false,
        "workspaceId": "a9ea48c6-2184-419a-9e39-31a913279979",
        "workspaceRegion": "eastus",
        "workspaceResourceId": "/subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourcegroups/flowlogsv2demo/providers/microsoft.operationalinsights/workspaces/hossamws",
        "trafficAnalyticsInterval": 60
      }
    },
    "retentionPolicy": {
      "days": 0,
      "enabled": false
    },
    "format": {
      "type": "JSON",
      "version": 1
    }
  },
  "type": "Microsoft.Network/networkWatchers/FlowLogs",
  "location": "eastus2euap"
}
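The two objects above place the same settings at different nesting levels, so scripts that audit NSG flow logging from `show` output have to handle both. The following is an added example, not part of the original issue or of Azure CLI: the helpers `normalize_flow_log` and `same_settings` are hypothetical, and the sample inputs are constructed with placeholder IDs that follow the two layouts shown above.

```python
# Fields that sit under "properties" in both shapes.
COMMON = ("storageId", "enabled", "retentionPolicy", "format")
# Fields that describe the logging configuration, independent of shape.
SETTINGS = COMMON + ("targetResourceId", "trafficAnalyticsEnabled")

def normalize_flow_log(obj):
    """Flatten either the legacy POST response or the tracked-resource GET
    response into one view (hypothetical helper, not Azure CLI code)."""
    props = obj.get("properties", {})
    # Tracked resource: carries an ARM id and nests the target under properties.
    tracked = "id" in obj and "targetResourceId" in props
    outer = props if tracked else obj
    ta = (outer.get("flowAnalyticsConfiguration", {})
               .get("networkWatcherFlowAnalyticsConfiguration", {}))
    view = {
        "shape": "tracked" if tracked else "legacy",
        "targetResourceId": outer.get("targetResourceId"),
        "trafficAnalyticsEnabled": ta.get("enabled", False),
        # Only the tracked resource reports these two.
        "flowLogId": obj.get("id"),
        "provisioningState": props.get("provisioningState"),
    }
    view.update({key: props.get(key) for key in COMMON})
    return view

def same_settings(a, b):
    """True when two responses describe the same logging configuration."""
    va, vb = normalize_flow_log(a), normalize_flow_log(b)
    return all(va[k] == vb[k] for k in SETTINGS)

# Constructed samples (placeholder IDs), trimmed to the fields used here.
NSG = "/subscriptions/SUB/resourceGroups/rg/providers/Microsoft.Network/networkSecurityGroups/example-nsg"
SA = "/subscriptions/SUB/resourceGroups/rg/providers/Microsoft.Storage/storageAccounts/examplesa"
CORE = {"storageId": SA, "enabled": True,
        "retentionPolicy": {"days": 0, "enabled": False},
        "format": {"type": "JSON", "version": 1}}
TA = {"networkWatcherFlowAnalyticsConfiguration": {"enabled": False}}
LEGACY = {"targetResourceId": NSG, "properties": dict(CORE),
          "flowAnalyticsConfiguration": TA}
TRACKED = {"name": "example-flowlog", "id": "/subscriptions/SUB/placeholder/flowLogs/example-flowlog",
           "properties": dict(CORE, provisioningState="Failed",
                              targetResourceId=NSG, flowAnalyticsConfiguration=TA)}

if __name__ == "__main__":
    for sample in (LEGACY, TRACKED):
        print(normalize_flow_log(sample))
    print("same settings:", same_settings(LEGACY, TRACKED))
```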