Manages an AWS S3 Data Connector.
resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "West Europe"
}

resource "azurerm_log_analytics_workspace" "example" {
  name                = "example-workspace"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  sku                 = "PerGB2018"
}

resource "azurerm_sentinel_log_analytics_workspace_onboarding" "example" {
  workspace_id = azurerm_log_analytics_workspace.example.id
}

resource "azurerm_sentinel_data_connector_aws_s3" "example" {
  name                       = "example"
  log_analytics_workspace_id = azurerm_sentinel_log_analytics_workspace_onboarding.example.workspace_id
  aws_role_arn               = "arn:aws:iam::000000000000:role/role1"
  destination_table          = "AWSGuardDuty"
  sqs_urls                   = ["https://sqs.us-east-1.amazonaws.com/000000000000/example"]
}
The following arguments are supported:
name
- (Required) The name which should be used for this AWS S3 Data Connector. Changing this forces a new AWS S3 Data Connector to be created.
log_analytics_workspace_id
- (Required) The ID of the Log Analytics Workspace that this AWS S3 Data Connector resides in. Changing this forces a new AWS S3 Data Connector to be created.
aws_role_arn
- (Required) The ARN of the AWS role, which is connected to this AWS CloudTrail Data Connector. See the Azure document for details.
destination_table
- (Required) The name of the Log Analytics table that will store the ingested data.
sqs_urls
- (Required) Specifies a list of AWS SQS URLs for the AWS S3 Data Connector.
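The following is an added example, not part of the provider documentation: input variables with validation blocks that reject a malformed `aws_role_arn` or a non-HTTPS or malformed entry in `sqs_urls` at plan time, before the connector is created. The variable names, the resource label `validated` and the regular expressions are assumptions made for illustration; the workspace onboarding resource is the one from the example above.

```hcl
# Added example: variable names and patterns are assumptions, not provider requirements.
variable "sentinel_aws_role_arn" {
  type        = string
  description = "IAM role ARN passed to aws_role_arn."

  validation {
    # Expect an IAM role ARN carrying a 12-digit AWS account ID.
    condition     = can(regex("^arn:aws[a-z-]*:iam::[0-9]{12}:role/.+$", var.sentinel_aws_role_arn))
    error_message = "The aws_role_arn value must be an IAM role ARN, e.g. arn:aws:iam::000000000000:role/role1."
  }
}

variable "sentinel_sqs_urls" {
  type        = list(string)
  description = "SQS queue URLs passed to sqs_urls."

  validation {
    # sqs_urls is required, so an empty list is a configuration error.
    condition     = length(var.sentinel_sqs_urls) > 0
    error_message = "At least one SQS URL is required."
  }

  validation {
    # Every entry must be an HTTPS SQS endpoint with an account ID and queue name.
    condition = alltrue([
      for u in var.sentinel_sqs_urls :
      can(regex("^https://sqs[.][a-z0-9-]+[.]amazonaws[.]com/[0-9]{12}/[A-Za-z0-9_.-]+$", u))
    ])
    error_message = "Each entry must look like https://sqs.<region>.amazonaws.com/<account-id>/<queue>."
  }
}

resource "azurerm_sentinel_data_connector_aws_s3" "validated" {
  name                       = "example-validated"
  log_analytics_workspace_id = azurerm_sentinel_log_analytics_workspace_onboarding.example.workspace_id
  aws_role_arn               = var.sentinel_aws_role_arn
  destination_table          = "AWSGuardDuty"
  sqs_urls                   = var.sentinel_sqs_urls
}
```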
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the AWS S3 Data Connector.
The timeouts block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the AWS S3 Data Connector.
read
- (Defaults to 5 minutes) Used when retrieving the AWS S3 Data Connector.
update
- (Defaults to 30 minutes) Used when updating the AWS S3 Data Connector.
delete
- (Defaults to 30 minutes) Used when deleting the AWS S3 Data Connector.
AWS S3 Data Connectors can be imported using the resource id, e.g.
terraform import azurerm_sentinel_data_connector_aws_s3.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/dataConnectors/dc1