We have a log analytics workspace that we want to join to a log analytics cluster, but I’m not sure how we’re supposed to make this change in terraform. The azure provider docs say we need to use the log_analytics_linked_service resource which is fine, but there’s an issue with the sku. When a log analytics workspace is connected to a cluster the sku is LACluster which isn’t one of the options according to the registry docs. So no matter what we set sku to it wants to change, for example:
# azurerm_log_analytics_workspace.logs will be updated in-place
~ resource "azurerm_log_analytics_workspace" "logs" {
id = <LAW-id>
name = <LAW-name>
~ sku = "LACluster" -> "CapacityReservation"
tags = {}
# (13 unchanged attributes hidden)
}
but the docs also say
If a
azurerm_log_analytics_workspaceis connected to aazurerm_log_analytics_clustervia aazurerm_log_analytics_linked_serviceyou will not be able to modify the workspacesskufield until the link between the workspace and the cluster has been broken by deleting theazurerm_log_analytics_linked_serviceresource.
So the sku change always fails. Trying to set the sku to LACluster doesn’t work because the provider won’t even get past the plan phase with “invalid” sku values.
I’m just not sure how this is supposed to work?
This is the relevant terraform we have
resource "azurerm_log_analytics_workspace" "logs" {
name = "${local.group_name}-law"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
sku = var.sku
retention_in_days = var.log_retention
}
resource "azurerm_log_analytics_linked_service" "cluster_link" {
resource_group_name = azurerm_resource_group.rg.name
workspace_id = azurerm_log_analytics_workspace.logs.id
write_access_id = var.log_analytics_cluster_id
}