From 308ea6a8612901fe85045139e9817f9997db8b40 Mon Sep 17 00:00:00 2001
From: Rob Gil <dds@rem5.com>
Date: Wed, 29 Jan 2020 11:30:07 -0500
Subject: [PATCH] Enables logging for storage account buckets

There are bugs in the latest version of the azurerm provider which do
not account for all the log types. We had to use a local-exec here.
---
 terraform/modules/bucket/main.tf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/terraform/modules/bucket/main.tf b/terraform/modules/bucket/main.tf
index e2f91f58..eeab6490 100644
--- a/terraform/modules/bucket/main.tf
+++ b/terraform/modules/bucket/main.tf
@@ -30,3 +30,11 @@ resource "azurerm_storage_container" "bucket" {
   storage_account_name  = azurerm_storage_account.bucket.name
   container_access_type = var.container_access_type
 }
+
+# Added until requisite TF bugs are fixed. Typically this would be configured in the 
+# storage_account resource
+resource "null_resource" "retention" {
+  provisioner "local-exec" {
+    command = "az storage logging update --account-name ${azurerm_storage_account.bucket.name} --log rwd --services bqt --retention 90"
+  }
+}
\ No newline at end of file