如果可能的话，如何在 terraform 中添加 "Archive to a storage account"？

Question

在 Terraform 的 Azure 提供商的 Keyvault 诊断中是否有启用“存档到存储帐户”的选项？

Answer 1

如果您想为 Azure Key Vault 配置诊断设置，我们可以use the azurerm_monitor_diagnostic_setting resource to configure it. For more details, please refer to here

例如

创建服务主体

az login
az account set --subscription "SUBSCRIPTION_ID"
az ad sp create-for-rbac --role "Contributor" --scopes "/subscriptions/<subscription_id>"

脚本

provider "azurerm" {

    version = "~>2.0"
        subscription_id = ""
        client_id = "sp appId"
        client_secret = "sp password"
        tenant_id = "sp tenant"
        features {}

}

data "azurerm_storage_account" "mystorage" {
    name = ""
    resource_group_name = ""
}

data "azurerm_key_vault" "mykey" {
    name = ""
    resource_group_name =""
}

resource "azurerm_monitor_diagnostic_setting" "example" {
  name               = "example"
  target_resource_id = data.azurerm_key_vault.mykey.id
  storage_account_id = data.azurerm_storage_account.mystorage.id

  log {
    category = "AuditEvent"
    enabled  = false

    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    retention_policy {
      enabled = false
    }
  }
}

如果可能的话，如何在 terraform 中添加 "Archive to a storage account"？

How, if possible, to add "Archive to a storage account" in terraform?

azure-keyvault

terraform-provider-azure