Adds log analytics configuration to postgres

This commit is contained in:
Rob Gil 2020-01-30 14:43:52 -05:00
parent 8856d0f448
commit 27f3096593
3 changed files with 37 additions and 1 deletions

View File

@ -35,3 +35,33 @@ resource "azurerm_postgresql_virtual_network_rule" "sql" {
subnet_id = var.subnet_id
ignore_missing_vnet_service_endpoint = true
}
resource "azurerm_postgresql_database" "db" {
name = "${var.name}-${var.environment}-atat"
resource_group_name = azurerm_resource_group.sql.name
server_name = azurerm_postgresql_server.sql.name
charset = "UTF8"
collation = "en-US"
}
resource "azurerm_monitor_diagnostic_setting" "postgresql_diagnostic" {
name = "${var.name}-${var.environment}-postgresql-diag"
target_resource_id = azurerm_postgresql_server.sql.id
log_analytics_workspace_id = var.workspace_id
log {
category = "PostgreSQLLogs"
enabled = true
retention_policy {
enabled = true
}
}
metric {
category = "AllMetrics"
retention_policy {
enabled = true
}
}
}

View File

@ -93,3 +93,8 @@ variable "ssl_enforcement" {
description = "Enforce SSL (Enabled/Disable)"
default = "Enabled"
}
variable "workspace_id" {
description = "Log Analytics workspace for this resource to log to"
type = string
}

View File

@ -14,7 +14,8 @@ module "sql" {
owner = var.owner
environment = var.environment
region = var.region
subnet_id = module.vpc.subnets # FIXME - Should be a map of subnets and specify private
subnet_id = module.vpc.subnet_list["private"].id
administrator_login = data.azurerm_key_vault_secret.postgres_username.value
administrator_login_password = data.azurerm_key_vault_secret.postgres_password.value
workspace_id = module.logs.workspace_id
}