Manages a Log Profile. A Log Profile configures how Activity Logs are exported.
resource "azurerm_resource_group" "example" {
name = "logprofiletest-rg"
location = "West Europe"
}
resource "azurerm_storage_account" "example" {
name = "afscsdfytw"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "GRS"
}
resource "azurerm_eventhub_namespace" "example" {
name = "logprofileeventhub"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku = "Standard"
capacity = 2
}
resource "azurerm_monitor_log_profile" "example" {
name = "default"
categories = [
"Action",
"Delete",
"Write",
]
locations = [
"westus",
"global",
]
# RootManageSharedAccessKey is created by default with listen, send, manage permissions
servicebus_rule_id = "${azurerm_eventhub_namespace.example.id}/authorizationrules/RootManageSharedAccessKey"
storage_account_id = azurerm_storage_account.example.id
retention_policy {
enabled = true
days = 7
}
}
The following arguments are supported:
name
- (Required) The name of the Log Profile. Changing this forces a new resource to be created.
categories
- (Required) List of categories of the logs.
locations
- (Required) List of regions for which Activity Log events are stored or streamed.
storage_account_id
- (Optional) The resource ID of the storage account in which the Activity Log is stored. At least one of storage_account_id
or servicebus_rule_id
must be set.
servicebus_rule_id
- (Optional) The service bus (or event hub) rule ID of the service bus (or event hub) namespace in which the Activity Log is streamed to. At least one of storage_account_id
or servicebus_rule_id
must be set.
retention_policy
- (Required) A retention_policy
block as documented below. A retention policy for how long Activity Logs are retained in the storage account.
The retention_policy
block supports:
enabled
- (Required) A boolean value to indicate whether the retention policy is enabled.
days
- (Optional) The number of days for the retention policy. Defaults to 0
.
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the Log Profile.The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Log Profile.update
- (Defaults to 30 minutes) Used when updating the Log Profile.read
- (Defaults to 5 minutes) Used when retrieving the Log Profile.delete
- (Defaults to 30 minutes) Used when deleting the Log Profile.A Log Profile can be imported using the resource id
, e.g.
terraform import azurerm_monitor_log_profile.example /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Insights/logProfiles/test