fix: Fixed retention policy for flow log

clouddrove · Jun 16, 2023 · 7ee75d8 · 7ee75d8
1 parent 109be74
commit 7ee75d8
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 17 deletions.
diff --git a/_example/basic/example.tf b/_example/basic/example.tf
@@ -5,9 +5,9 @@ module "network_security_group" {
   source                  = "../../"
   name                    = "app"
   environment             = "test"
-  resource_group_name     = module.resource_group.resource_group_name
-  resource_group_location = module.resource_group.resource_group_location
-  subnet_ids              = module.subnet.default_subnet_id
+  resource_group_name     = "test-rg"
+  resource_group_location = "CanadaCentral"
+  subnet_ids              = ""
   inbound_rules = [
     {
       name                  = "ssh"
@@ -33,6 +33,5 @@ module "network_security_group" {
       description                = "ssh allowed port"
     }
   ]
-  enable_diagnostic          = true
-  log_analytics_workspace_id = module.log-analytics.workspace_id
+  enable_diagnostic = false
 }
diff --git a/_example/nsg-with-flow-logs/example.tf b/_example/nsg-with-flow-logs/example.tf
@@ -101,17 +101,18 @@ module "storage" {
 ## Network Security Group module call. 
 ##-----------------------------------------------------------------------------
 module "network_security_group" {
-  depends_on                  = [module.subnet]
-  source                      = "../../"
-  name                        = local.name
-  environment                 = local.environment
-  resource_group_name         = module.resource_group.resource_group_name
-  resource_group_location     = module.resource_group.resource_group_location
-  subnet_ids                  = module.subnet.default_subnet_id
-  enable_flow_logs            = true
-  network_watcher_name        = module.vnet.network_watcher_name
-  flow_log_storage_account_id = module.storage.default_storage_account_id
-  enable_traffic_analytics    = false
+  depends_on                        = [module.subnet]
+  source                            = "../../"
+  name                              = local.name
+  environment                       = local.environment
+  resource_group_name               = module.resource_group.resource_group_name
+  resource_group_location           = module.resource_group.resource_group_location
+  subnet_ids                        = module.subnet.default_subnet_id
+  enable_flow_logs                  = true
+  network_watcher_name              = module.vnet.network_watcher_name
+  flow_log_storage_account_id       = module.storage.default_storage_account_id
+  enable_traffic_analytics          = false
+  flow_log_retention_policy_enabled = true
   inbound_rules = [
     {
       name                  = "ssh"

diff --git a/main.tf b/main.tf
@@ -134,7 +134,7 @@ resource "azurerm_network_watcher_flow_log" "nsg_flow_logs" {
 }
 
 ##----------------------------------------------------------------------------- 
-## Below resource will create diagnostic setting for ACR.   
+## Below resource will create diagnostic setting for network security group.  
 ##-----------------------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "example" {
   count                          = var.enabled && var.enable_diagnostic ? 1 : 0