diff --git a/terraform/modules/k8s/main.tf b/terraform/modules/k8s/main.tf
index 060d50b8..8ecbb4cd 100644
--- a/terraform/modules/k8s/main.tf
+++ b/terraform/modules/k8s/main.tf
@@ -39,3 +39,45 @@ resource "azurerm_kubernetes_cluster" "k8s" {
 owner = var.owner
 }
 }
+
+resource "azurerm_monitor_diagnostic_setting" "k8s_diagnostic-1" {
+ name = "${var.name}-${var.environment}-k8s-diag"
+ target_resource_id = azurerm_kubernetes_cluster.k8s.id
+ log_analytics_workspace_id = var.workspace_id
+ log {
+ category = "kube-apiserver"
+ retention_policy {
+ enabled = true
+ }
+ }
+ log {
+ category = "kube-controller-manager"
+ retention_policy {
+ enabled = true
+ }
+ }
+ log {
+ category = "kube-scheduler"
+ retention_policy {
+ enabled = true
+ }
+ }
+ log {
+ category = "kube-audit"
+ retention_policy {
+ enabled = true
+ }
+ }
+ log {
+ category = "cluster-autoscaler"
+ retention_policy {
+ enabled = true
+ }
+ }
+ metric {
+ category = "AllMetrics"
+ retention_policy {
+ enabled = true
+ }
+ }
+}
diff --git a/terraform/modules/k8s/variables.tf b/terraform/modules/k8s/variables.tf
index e8ca5a27..79bac3de 100644
--- a/terraform/modules/k8s/variables.tf
+++ b/terraform/modules/k8s/variables.tf
@@ -62,3 +62,8 @@ variable "client_secret" {
 type = string
 description = "The client secret for the Service Principal associated with the AKS cluster."
 }
+
+variable "workspace_id" {
+ description = "Log Analytics workspace for this resource to log to"
+ type = string
+}
\ No newline at end of file
diff --git a/terraform/providers/dev/k8s.tf b/terraform/providers/dev/k8s.tf
index 7d415c9c..fe3dac18 100644
--- a/terraform/providers/dev/k8s.tf
+++ b/terraform/providers/dev/k8s.tf
@@ -22,6 +22,7 @@ module "k8s" {
 min_count = 3
 client_id = data.azurerm_key_vault_secret.k8s_client_id.value
 client_secret = data.azurerm_key_vault_secret.k8s_client_secret.value
+ workspace_id = module.logs.workspace_id
 }
 #module "main_lb" {
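Review bot: The `retention_policy { enabled = true }` blocks on every `log` and `metric` entry set no `days`, and the only destination is `log_analytics_workspace_id`; as far as I know a diagnostic setting's retention policy applies to storage-account destinations only, so how long `kube-audit` and `kube-apiserver` records are kept is decided by the workspace's own retention, which this diff does not show. I would state that above the resource, e.g. `# Retention is governed by the Log Analytics workspace; retention_policy only affects storage-account sinks.`, and confirm the workspace retention meets the audit requirement. If the cluster uses Azure AD integration (not visible in this hunk), the `guard` category is worth adding next to `kube-audit` so authentication decisions are captured too. The resource label `k8s_diagnostic-1` mixes an underscore and a hyphen; `k8s_diagnostic` would be the more conventional identifier.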
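Review bot: The new `workspace_id` variable does not say which identifier it expects: `log_analytics_workspace_id` in main.tf needs the workspace's full Azure resource ID, while `azurerm_log_analytics_workspace` also exports an attribute named `workspace_id` that is the workspace GUID. The same ambiguity applies to `workspace_id = module.logs.workspace_id` in terraform/providers/dev/k8s.tf, because the `logs` module's output is outside this diff; if it forwards the GUID, the diagnostic setting would presumably fail to apply and the cluster's audit logs would not be shipped. I would make the contract explicit with `description = "Resource ID (not the workspace GUID) of the Log Analytics workspace that receives AKS diagnostic logs"`, and consider naming the variable `log_analytics_workspace_id`. The file also now ends without a trailing newline.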