github.com/yankunsam/loki/v2@v2.6.3-0.20220817130409-389df5235c27/tools/gcplog/main.tf (about) 1 terraform { 2 required_providers { 3 google = { 4 source = "hashicorp/google" 5 version = "3.5.0" 6 } 7 } 8 } 9 10 provider "google" { 11 credentials = file(var.credentials_file) 12 project = var.project 13 zone = var.zone 14 region= var.region 15 } 16 17 resource "google_pubsub_topic" "cloud-logs" { 18 name = var.name 19 } 20 21 resource "google_logging_project_sink" "main" { 22 name = var.name 23 destination = "pubsub.googleapis.com/projects/${var.project}/topics/${var.name}" 24 filter = var.inclusion_filter 25 dynamic "exclusions" { 26 for_each = var.exclusions 27 content { 28 name = exclusions.value.name 29 filter = exclusions.value.filter 30 } 31 } 32 unique_writer_identity = true 33 } 34 35 resource "google_pubsub_subscription" "main" { 36 name = var.name 37 topic = google_pubsub_topic.cloud-logs.name 38 } 39 40 resource "google_pubsub_topic_iam_binding" "log-writer" { 41 topic = google_pubsub_topic.cloud-logs.name 42 role = "roles/pubsub.publisher" 43 members = [ 44 google_logging_project_sink.main.writer_identity, 45 ] 46 } 47 48 # Variables 49 50 variable "credentials_file" {} 51 variable "zone" {} 52 variable "region" {} 53 variable "project" {} 54 55 variable "name" { 56 description = "Name of the gcplog setup" 57 default = "cloud-logs" 58 } 59 60 variable "project" { 61 description = "Google cloud project name" 62 } 63 64 variable "inclusion_filter" { 65 description = "Logs inclusion filter that tells what kind of logs should be ingested into pubsub topic" 66 default = "" // default no logs should be ingested 67 } 68 69 variable "exclusions" { 70 default = [] 71 description = "Logs exclusion filter that tells what kind of logs should be ignored" 72 type = list(object({ 73 name = string 74 filter = string 75 })) 76 }