Kirill Shevchuk 29c02dea60 temp event filter | vor 1 Jahr | |
---|---|---|
.. | ||
terraform | vor 1 Jahr | |
README.md | vor 1 Jahr |
This Terraform example deploys a Cloud Function with a Trigger and scraps the Kubernetes cluster audit logs from Cloud Logging group and stores the logs in the Object Storage bucket.
Cloud Logging group can be created with Yandex Data Streams support, so your audit logs can be forwarded to Yandex Data Stream in parallel. See Creating a log group using CLI instruction for more information.
Prerequisites:
##
1) If you apply this module from Russian Federation – create the ~/.terraformrc
file and specify Yandex Cloud network mirror:
cat ~/.terraformrc
provider_installation {
network_mirror {
url = "https://terraform-network-mirror.storage.yandexcloud.net/"
}
}
2) Fill out the fields in the provider.tf
file: specify the token for authentication, or use service account key file.
3) Create a private.auto.tfvars
file and fill the required variables. (see example of private.auto.tfvars
file below)
4) Run:
terraform init
terraform apply
Example of private.auto.tfvars
file:
cloud_id = "b1g3xxxxxxxxxxxxxxxx"
folder_id = "b1g7xxxxxxxxxxxxxxxx"
cluster_id = "catsxxxxxxxxxxxxxxxx"
logging_group_id = "e23oxxxxxxxxxxxxxxxx"
storage_bucket_name = "audit-log-bucket-xxxxxx"