如何使用 Terraform 11.14 启用 Azure Key Vault 日志记录?
How do you enable Azure Key Vault logging using Terraform 11.14?
如何使用 Terraform 11.14 启用 Azure Key Vault 日志记录?
您可以参考 this example 为现有的 Azure Key vault 启用 diagnostic_setting。
例如,这对我有用。我正在使用 Terraform v0.12.5
+ provider.azurerm v1.32.0
编辑:在 v0.12+ 中,标识符不再需要用引号和 "${...}" 插值语法包裹(这里没有调用函数),也就是说可以直接写 data.azurerm_key_vault.test.id,
而不必写成 "${data.azurerm_key_vault.test.id}"。
注意:问题中提到的 Terraform 0.11.x 仍然需要 "${...}" 写法,因此下面第一个示例保留了这种写法。
# Look up resources that already exist; nothing in this section is created by Terraform.
# The "${...}" interpolation form is kept so the configuration also parses on Terraform 0.11.x.

# Resource group that holds the vault, the workspace and the storage account.
data "azurerm_resource_group" "test" {
  name = "myrg"
}

# Existing Key Vault whose diagnostics are to be configured.
data "azurerm_key_vault" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "mykeyvault"
}

# Existing Log Analytics workspace used as a diagnostics destination.
data "azurerm_log_analytics_workspace" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "myloganalytics"
}

# Existing storage account used as a second diagnostics destination.
data "azurerm_storage_account" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "mystorageaccountname"
}
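# Diagnostic setting for the existing Key Vault: sends the AuditEvent log
# category and AllMetrics to both the storage account and the Log Analytics
# workspace looked up above.
# "${...}" interpolation is kept so the block also parses on Terraform 0.11.x.
resource "azurerm_monitor_diagnostic_setting" "test" {
  name                       = "example"
  target_resource_id         = "${data.azurerm_key_vault.test.id}"
  storage_account_id         = "${data.azurerm_storage_account.test.id}"
  log_analytics_workspace_id = "${data.azurerm_log_analytics_workspace.test.id}"

  log {
    category = "AuditEvent"

    # Must be true to actually collect this category. The original snippet had
    # enabled = false, which leaves Key Vault audit logging switched off even
    # though the diagnostic setting itself exists.
    enabled = true

    # No retention policy is applied to this category.
    # NOTE(review): choose a retention period that matches your audit and
    # incident-response requirements - confirm before relying on this default.
    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    # `enabled` is not set on this block, so the provider default applies.
    # NOTE(review): confirm the default is "on" for your azurerm version.
    retention_policy {
      enabled = false
    }
  }
}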
# Alternative form using Terraform 0.12+ expression syntax (no "${...}").
# It references resources managed in the same configuration rather than data
# sources; replace each <...> placeholder with your own resource name.
# Only a Log Analytics workspace is configured as destination here.
resource "azurerm_monitor_diagnostic_setting" "diagnostic-log-analytic" {
  name                       = "diagnostic-setting"
  log_analytics_workspace_id = azurerm_log_analytics_workspace.<Your Log Analytics WS>.id
  target_resource_id         = azurerm_key_vault.<Your KeyVault>.id

  # Key Vault audit events are collected.
  log {
    enabled  = true
    category = "AuditEvent"
  }

  # All platform metrics are collected.
  metric {
    enabled  = true
    category = "AllMetrics"
  }
}
如何使用 Terraform 11.14 启用 Azure Key Vault 日志记录?
您可以参考 this example 为现有的 Azure Key vault 启用 diagnostic_setting。
例如,这对我有用。我正在使用 Terraform v0.12.5
+ provider.azurerm v1.32.0
编辑:在 v0.12+ 中,标识符不再需要用引号和 "${...}" 插值语法包裹(这里没有调用函数),也就是说可以直接写 data.azurerm_key_vault.test.id,
而不必写成 "${data.azurerm_key_vault.test.id}"。
注意:问题中提到的 Terraform 0.11.x 仍然需要 "${...}" 写法,因此下面第一个示例保留了这种写法。
# Look up resources that already exist; nothing in this section is created by Terraform.
# The "${...}" interpolation form is kept so the configuration also parses on Terraform 0.11.x.

# Resource group that holds the vault, the workspace and the storage account.
data "azurerm_resource_group" "test" {
  name = "myrg"
}

# Existing Key Vault whose diagnostics are to be configured.
data "azurerm_key_vault" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "mykeyvault"
}

# Existing Log Analytics workspace used as a diagnostics destination.
data "azurerm_log_analytics_workspace" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "myloganalytics"
}

# Existing storage account used as a second diagnostics destination.
data "azurerm_storage_account" "test" {
  resource_group_name = "${data.azurerm_resource_group.test.name}"
  name                = "mystorageaccountname"
}
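# Diagnostic setting for the existing Key Vault: sends the AuditEvent log
# category and AllMetrics to both the storage account and the Log Analytics
# workspace looked up above.
# "${...}" interpolation is kept so the block also parses on Terraform 0.11.x.
resource "azurerm_monitor_diagnostic_setting" "test" {
  name                       = "example"
  target_resource_id         = "${data.azurerm_key_vault.test.id}"
  storage_account_id         = "${data.azurerm_storage_account.test.id}"
  log_analytics_workspace_id = "${data.azurerm_log_analytics_workspace.test.id}"

  log {
    category = "AuditEvent"

    # Must be true to actually collect this category. The original snippet had
    # enabled = false, which leaves Key Vault audit logging switched off even
    # though the diagnostic setting itself exists.
    enabled = true

    # No retention policy is applied to this category.
    # NOTE(review): choose a retention period that matches your audit and
    # incident-response requirements - confirm before relying on this default.
    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    # `enabled` is not set on this block, so the provider default applies.
    # NOTE(review): confirm the default is "on" for your azurerm version.
    retention_policy {
      enabled = false
    }
  }
}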
# Alternative form using Terraform 0.12+ expression syntax (no "${...}").
# It references resources managed in the same configuration rather than data
# sources; replace each <...> placeholder with your own resource name.
# Only a Log Analytics workspace is configured as destination here.
resource "azurerm_monitor_diagnostic_setting" "diagnostic-log-analytic" {
  name                       = "diagnostic-setting"
  log_analytics_workspace_id = azurerm_log_analytics_workspace.<Your Log Analytics WS>.id
  target_resource_id         = azurerm_key_vault.<Your KeyVault>.id

  # Key Vault audit events are collected.
  log {
    enabled  = true
    category = "AuditEvent"
  }

  # All platform metrics are collected.
  metric {
    enabled  = true
    category = "AllMetrics"
  }
}