Enables logging for storage account buckets

There are bugs in the latest version of the azurerm provider which do not account for all the log types. We had to use a local-exec here.
2020-01-29 11:30:07 -05:00 · 2020-01-29 11:30:07 -05:00 · 308ea6a861
commit 308ea6a861
parent 8475b519ce
1 changed files with 8 additions and 0 deletions
--- a/terraform/modules/bucket/main.tf
+++ b/terraform/modules/bucket/main.tf
@ -30,3 +30,11 @@ resource "azurerm_storage_container" "bucket" {
  storage_account_name  = azurerm_storage_account.bucket.name
  container_access_type = var.container_access_type
 }
+
+# Added until requisite TF bugs are fixed. Typically this would be configured in the 
+# storage_account resource
+resource "null_resource" "retention" {
+  provisioner "local-exec" {
+    command = "az storage logging update --account-name ${azurerm_storage_account.bucket.name} --log rwd --services bqt --retention 90"
+  }
+}