Resource: aws_verifiedaccess_instance_logging_configuration

Terraform resource for managing a Verified Access Logging Configuration.

Example Usage

With CloudWatch Logging

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    cloudwatch_logs {
      enabled   = true
      log_group = aws_cloudwatch_log_group.example.id
    }
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

With Kinesis Data Firehose Logging

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    kinesis_data_firehose {
      delivery_stream = aws_kinesis_firehose_delivery_stream.example.name
      enabled         = true
    }
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

With S3 logging

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    s3 {
      bucket_name = aws_s3_bucket.example.id
      enabled     = true
      prefix      = "example"
    }
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

With all three logging options

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    cloudwatch_logs {
      enabled   = true
      log_group = aws_cloudwatch_log_group.example.id
    }
    kinesis_data_firehose {
      delivery_stream = aws_kinesis_firehose_delivery_stream.example.name
      enabled         = true
    }
    s3 {
      bucket_name = aws_s3_bucket.example.id
      enabled     = true
    }
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

With include_trust_context

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    include_trust_context = true
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

With log_version

resource "aws_verifiedaccess_instance_logging_configuration" "example" {
  access_logs {
    log_version = "ocsf-1.0.0-rc.2"
  }
  verifiedaccess_instance_id = aws_verifiedaccess_instance.example.id
}

Argument Reference

This resource supports the following arguments:

access_logs

A access_logs block supports the following arguments:

cloudwatch_logs

A cloudwatch_logs block supports the following arguments:

kinesis_data_firehose

A kinesis_data_firehose block supports the following arguments:

s3

A s3 block supports the following arguments:

Attribute Reference

This resource exports no additional attributes.

Import

In Terraform v1.5.0 and later, use an import block to import Verified Access Logging Configuration using the Verified Access Instance id. For example:

import {
  to = aws_verifiedaccess_instance_logging_configuration.example
  id = "vai-1234567890abcdef0"
}

Using terraform import, import Verified Access Logging Configuration using the Verified Access Instance id. For example:

% terraform import aws_verifiedaccess_instance_logging_configuration.example vai-1234567890abcdef0