google_logging_project_bucket_config

Manages a project-level logging bucket config. For more information see the official logging documentation and Storing Logs.

Example Usage

resource "google_project" "default" {
    project_id = "your-project-id"
    name       = "your-project-id"
    org_id     = "123456789"
}

resource "google_logging_project_bucket_config" "basic" {
    project    = google_project.default.project_id
    location  = "global"
    retention_days = 30
    bucket_id = "_Default"
}

Create logging bucket with customId

resource "google_logging_project_bucket_config" "basic" {
    project    = "project_id"
    location  = "global"
    retention_days = 30
    bucket_id = "custom-bucket"
}

Create logging bucket with Log Analytics enabled

resource "google_logging_project_bucket_config" "analytics-enabled-bucket" {
    project          = "project_id"
    location         = "global"
    retention_days   = 30
    enable_analytics = true
    bucket_id        = "custom-bucket"
}

Create logging bucket with customId and cmekSettings

data "google_logging_project_cmek_settings" "cmek_settings" {
    project = "project_id"
}

resource "google_kms_key_ring" "keyring" {
    name     = "keyring-example"
    location = "us-central1"
}

resource "google_kms_crypto_key" "key" {
    name            = "crypto-key-example"
    key_ring        = google_kms_key_ring.keyring.id
    rotation_period = "7776000s"
}

resource "google_kms_crypto_key_iam_binding" "crypto_key_binding" {
    crypto_key_id = google_kms_crypto_key.key.id
    role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"

    members = [
        "serviceAccount:${data.google_logging_project_cmek_settings.cmek_settings.service_account_id}",
    ]
}

resource "google_logging_project_bucket_config" "example-project-bucket-cmek-settings" {
    project        = "project_id"
    location       = "us-central1"
    retention_days = 30
    bucket_id      = "custom-bucket"

    cmek_settings {
        kms_key_name = google_kms_crypto_key.key.id
    }

    depends_on   = [google_kms_crypto_key_iam_binding.crypto_key_binding]
}

Create logging bucket with index configs

resource "google_logging_project_bucket_config" "example-project-bucket-index-configs" {
  project          = "project_id"
  location         = "global"
  retention_days   = 30
  bucket_id        = "custom-bucket"

  index_configs   = {
    file_path   = "jsonPayload.request.status"
    type        = "INDEX_TYPE_STRING"
  }
}

Argument Reference

The following arguments are supported:

The cmek_settings block supports:

The index_configs block supports:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Import

This resource can be imported using the following format:

In Terraform v1.5.0 and later, use an import block to import this resource using one of the formats above. For example:

import {
  id = "projects/{{project}}/locations/{{location}}/buckets/{{bucket_id}}"
  to = google_logging_project_bucket_config.default
}

When using the terraform import command, this resource can be imported using one of the formats above. For example:

$ terraform import google_logging_project_bucket_config.default projects/{{project}}/locations/{{location}}/buckets/{{bucket_id}}