Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do you enable Azure Key Vault logging using Terraform 11.14?

How do you enable Azure Key Vault logging using Terraform 11.14?

like image 461
user2368632 Avatar asked Sep 03 '25 15:09

user2368632


1 Answers

You could refer to this example to enable diagnostic_setting for existing Azure Key vault.

For example, this works for me. I am using Terraform v0.12.5 + provider.azurerm v1.32.0

EDIT: You do not need to quote the identifiers in v0.12+ as there are no functions present, i.e. data.azurerm_key_vault.test.id vs "${data.azurerm_key_vault.test.id}"

data "azurerm_resource_group" "test"{
    name = "myrg"
}

data "azurerm_key_vault" "test" {
  name                = "mykeyvault"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

data "azurerm_log_analytics_workspace" "test" {
  name                = "myloganalytics"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

data "azurerm_storage_account" "test" {
  name                = "mystorageaccountname"
  resource_group_name = "${data.azurerm_resource_group.test.name}"
}

resource "azurerm_monitor_diagnostic_setting" "test" {
  name               = "example"
  target_resource_id = "${data.azurerm_key_vault.test.id}"
  storage_account_id = "${data.azurerm_storage_account.test.id}"
  log_analytics_workspace_id = "${data.azurerm_log_analytics_workspace.test.id}"


  log {
    category = "AuditEvent"
    enabled  = false

    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    retention_policy {
      enabled = false
    }
  }
}

enter image description here

like image 96
Nancy Xiong Avatar answered Sep 05 '25 16:09

Nancy Xiong