How do you enable Azure Key Vault logging using Terraform 11.14?
You could refer to this example to enable diagnostic_setting for an existing Azure Key Vault.
For example, this works for me. I am using Terraform v0.12.5 + provider.azurerm v1.32.0.

EDIT: You do not need to quote the identifiers in v0.12+ as there are no functions present, i.e. data.azurerm_key_vault.test.id vs "${data.azurerm_key_vault.test.id}"

# Look up the existing resources the diagnostic setting refers to.
data "azurerm_resource_group" "test" {
  name = "myrg"
}

data "azurerm_key_vault" "test" {
  name                = "mykeyvault"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

data "azurerm_log_analytics_workspace" "test" {
  name                = "myloganalytics"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

data "azurerm_storage_account" "test" {
  name                = "mystorageaccountname"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

# Send the Key Vault's logs and metrics to the storage account and the workspace.
resource "azurerm_monitor_diagnostic_setting" "test" {
  name                       = "example"
  target_resource_id         = "${data.azurerm_key_vault.test.id}"
  storage_account_id         = "${data.azurerm_storage_account.test.id}"
  log_analytics_workspace_id = "${data.azurerm_log_analytics_workspace.test.id}"

  log {
    category = "AuditEvent"
    # Must be true for Key Vault audit events to be collected;
    # enabled = false switches this log category off.
    enabled = true

    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    retention_policy {
      enabled = false
    }
  }
}
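
A check that a plan really turns Key Vault audit logging on, as an added example that is not part of the original answer: it reads `terraform show -json` output (Terraform 0.12+) and flags Key Vault diagnostic settings whose `AuditEvent` log is disabled or that have no destination. The function names, finding strings and sample plan are constructed for illustration, and the check assumes the `log` block schema used in the answer above.

```python
import json

DESTINATIONS = ("storage_account_id", "log_analytics_workspace_id",
                "eventhub_authorization_rule_id")
KV = "/providers/microsoft.keyvault/vaults/"

def iter_resources(module):
    """Yield resources from a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def audit_findings(plan_json):
    """Return (address, problem) pairs for Key Vault diagnostic settings."""
    root = json.loads(plan_json).get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        values = res.get("values") or {}
        target = (values.get("target_resource_id") or "").lower()
        if res.get("type") != "azurerm_monitor_diagnostic_setting" or KV not in target:
            continue
        # A log block with no explicit "enabled" counts as enabled (provider default).
        if not any(b.get("category") == "AuditEvent" and b.get("enabled", True)
                   for b in values.get("log") or []):
            findings.append((res["address"], "AuditEvent log not enabled"))
        if not any(values.get(key) for key in DESTINATIONS):
            findings.append((res["address"], "no log destination set"))
    return findings

# Constructed sample (placeholder IDs): trimmed `terraform show -json` output.
VAULT = "/subscriptions/SUB/resourceGroups/myrg/providers/Microsoft.KeyVault/vaults/mykeyvault"
SAMPLE_PLAN = json.dumps({"planned_values": {"root_module": {
    "resources": [{
        "address": "azurerm_monitor_diagnostic_setting.test",
        "type": "azurerm_monitor_diagnostic_setting",
        "values": {"target_resource_id": VAULT,
                   "log_analytics_workspace_id": "/subscriptions/SUB/placeholder-workspace",
                   "log": [{"category": "AuditEvent", "enabled": False}]}}],
    "child_modules": [{"resources": [{
        "address": "module.kv.azurerm_monitor_diagnostic_setting.nodest",
        "type": "azurerm_monitor_diagnostic_setting",
        "values": {"target_resource_id": VAULT, "storage_account_id": None,
                   "log": [{"category": "AuditEvent", "enabled": True}]}}]}],
}}})

if __name__ == "__main__":
    for address, problem in audit_findings(SAMPLE_PLAN):
        print(f"{address}: {problem}")
```

The check only inspects diagnostic settings present in the plan; a Key Vault with no diagnostic setting at all has to be caught separately.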