Fix example uami issue

.gitignore

@@ -53,3 +53,4 @@ tests/modules/test_local
 **/super-linter.log
 .vscode/launch.json
 .github/scripts/Template.Parser.Cli.exe
+examples/400-multi-with-orchestration/*.auto.tfvars

examples/400-multi-with-orchestration/main.tf

@@ -16,6 +16,12 @@ provider "azurerm" {
   features {}
 }
 
+provider "azurerm" {
+  alias           = "connectivity"
+  subscription_id = local.subscription_id_connectivity
+  features {}
+}
+
 # Get the current client configuration from the AzureRM provider
 
 data "azurerm_client_config" "current" {}
@@ -66,5 +72,24 @@ module "core" {
   subscription_id_connectivity     = local.subscription_id_connectivity
   subscription_id_identity         = local.subscription_id_identity
   subscription_id_management       = local.subscription_id_management
-  template_file_variables          = var.template_file_variables
+  template_file_variables = {
+    userAssignedIdentities = {
+      "Deploy-VMSS-Monitoring" = [
+        "/subscriptions/${local.subscription_id_connectivity}/resourceGroups/${azurerm_resource_group.uami.name}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${azurerm_user_assigned_identity.uami1.name}"
+      ]
+    }
+  }
+}
+
+resource "azurerm_resource_group" "uami" {
+  provider = azurerm.connectivity
+  name     = "rg-uami-01"
+  location = var.primary_location
+}
+
+resource "azurerm_user_assigned_identity" "uami1" {
+  provider            = azurerm.connectivity
+  location            = azurerm_resource_group.uami.location
+  name                = "uami-01"
+  resource_group_name = azurerm_resource_group.uami.name
 }

examples/400-multi-with-orchestration/modules/core/lib/policy_assignment_es_deploy_vmss_monitoring.tmpl.json.tftpl

@@ -1,5 +1,5 @@
 ${jsonencode(
-  {
+{
   "type": "Microsoft.Authorization/policyAssignments",
   "apiVersion": "2022-06-01",
   "name": "Deploy-VMSS-Monitoring",
@@ -14,16 +14,31 @@ ${jsonencode(
   "properties": {
     "description": "Enable Azure Monitor for the Virtual Machine Scale Sets in the specified scope (Management group, Subscription or resource group). Takes Log Analytics workspace as parameter. Note: if your scale set upgradePolicy is set to Manual, you need to apply the extension to the all VMs in the set by calling upgrade on them. In CLI this would be az vmss update-instances.",
     "displayName": "Enable Azure Monitor for Virtual Machine Scale Sets",
-    "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/75714362-cae7-409e-9b99-a8e5075b7fad",
+    "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/f5bf694c-cca7-4033-b883-3a23327d5485",
     "enforcementMode": "Default",
     "nonComplianceMessages": [
       {
         "message": "Azure Monitor {enforcementMode} be enabled for Virtual Machines Scales Sets."
       }
     ],
     "parameters": {
-      "logAnalytics_1": {
-        "value": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/${root_scope_id}-mgmt/providers/Microsoft.OperationalInsights/workspaces/${root_scope_id}-la"
+      "dcrResourceId": {
+        "value": "${azure_monitor_data_collection_rule_vm_insights_resource_id}"
+      },
+      "bringYourOwnUserAssignedManagedIdentity": {
+        "value": true
+      },
+      "restrictBringYourOwnUserAssignedIdentityToSubscription": {
+        "value": false
+      },
+      "userAssignedIdentityResourceId": {
+        "value": "${user_assigned_managed_identity_resource_id}"
+      },
+      "enableProcessesAndDependencies": {
+        "value": true
+      },
+      "scopeToSupportedImages": {
+        "value": false
       }
     },
     "scope": "${current_scope_resource_id}",