azurermMonitorLogProfile
Manages a Log Profile. A Log Profile configures how Activity Logs are exported.
-> NOTE: It's only possible to configure one Log Profile per Subscription. If you are trying to create more than one Log Profile, an error with statusCode=409 will occur.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "logprofiletest-rg",
}
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
this,
"example_1",
{
account_replication_type: "GRS",
account_tier: "Standard",
location: azurermResourceGroupExample.location,
name: "afscsdfytw",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermEventhubNamespaceExample =
new azurerm.eventhubNamespace.EventhubNamespace(this, "example_2", {
capacity: 2,
location: azurermResourceGroupExample.location,
name: "logprofileeventhub",
resource_group_name: azurermResourceGroupExample.name,
sku: "Standard",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermEventhubNamespaceExample.overrideLogicalId("example");
const azurermMonitorLogProfileExample =
new azurerm.monitorLogProfile.MonitorLogProfile(this, "example_3", {
categories: ["Action", "Delete", "Write"],
locations: ["westus", "global"],
name: "default",
retention_policy: [
{
days: 7,
enabled: true,
},
],
servicebus_rule_id: `\${${azurermEventhubNamespaceExample.id}}/authorizationrules/RootManageSharedAccessKey`,
storage_account_id: azurermStorageAccountExample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermMonitorLogProfileExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name- (Required) The name of the Log Profile. Changing this forces a new resource to be created. -
categories- (Required) List of categories of the logs. -
locations- (Required) List of regions for which Activity Log events are stored or streamed. -
storageAccountId- (Optional) The resource ID of the storage account in which the Activity Log is stored. At least one ofstorageAccountIdorservicebusRuleIdmust be set. -
servicebusRuleId- (Optional) The service bus (or event hub) rule ID of the service bus (or event hub) namespace in which the Activity Log is streamed to. At least one ofstorageAccountIdorservicebusRuleIdmust be set. -
retentionPolicy- (Required) AretentionPolicyblock as documented below. A retention policy for how long Activity Logs are retained in the storage account.
The retentionPolicy block supports:
-
enabled- (Required) A boolean value to indicate whether the retention policy is enabled. -
days- (Optional) The number of days for the retention policy. Defaults to0.
Attributes Reference
The following attributes are exported:
id- The ID of the Log Profile.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the Log Profile.update- (Defaults to 30 minutes) Used when updating the Log Profile.read- (Defaults to 5 minutes) Used when retrieving the Log Profile.delete- (Defaults to 30 minutes) Used when deleting the Log Profile.
Import
A Log Profile can be imported using the resourceId, e.g.