google_logging_organization_sink

Manages a organization-level logging sink. For more information see:

Example Usage

resource "google_logging_organization_sink" "my-sink" {
  name   = "my-sink"
  description = "some explanation on what this is"
  org_id = "123456789"

  # Can export to pubsub, cloud storage, or bigquery
  destination = "storage.googleapis.com/${google_storage_bucket.log-bucket.name}"

  # Log all WARN or higher severity messages relating to instances
  filter = "resource.type = gce_instance AND severity >= WARNING"
}

resource "google_storage_bucket" "log-bucket" {
  name     = "organization-logging-bucket"
  location = "US"
}

resource "google_project_iam_member" "log-writer" {
  project = "your-project-id"
  role    = "roles/storage.objectCreator"
  member  = google_logging_organization_sink.my-sink.writer_identity
}

Argument Reference

The following arguments are supported:

The bigquery_options block supports:

The exclusions block supports:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Import

Organization-level logging sinks can be imported using this format:

In Terraform v1.5.0 and later, use an import block to import organization-level logging sinks using one of the formats above. For example:

import {
  id = "organizations/{{organization_id}}/sinks/{{sink_id}}"
  to = google_logging_organization_sink.default
}

When using the terraform import command, organization-level logging sinks can be imported using one of the formats above. For example:

$ terraform import google_logging_organization_sink.default organizations/{{organization_id}}/sinks/{{sink_id}}