fleetengine-logging-config

Module : Fleet Engine logging config

This module will setup Cloud Logging integration for Fleet Engine.

Features

• Turn on prerequisite services in the project
• Create Cloud Router for each logging sink service (Logging Bucket, BigQuery, Pub/Sub, Cloud Storage) of choice.
• Configure IAM permissions for cross project logging (source: Fleet Engine project, destination: Logging project)
• Configure Logging exclusion for _Default sink of Fleet Engine project

Usage examples

examples usage of this module can be found under folder "examples"

• with_existing_logging_project : setting up reference solution in a existing project
• with_new_logging_project : creates a new project for the reference solution prior to setup
• multiregion : setting up a shared logging project for multiple regional Fleet Engine projects

Modules

No modules.

Resources

Name	Type
google_bigquery_dataset.fleetengine-logging-sink-bq	resource
google_bigquery_dataset.fleetengine-logging-sink-pubsub-bq	resource
google_bigquery_dataset_iam_member.fleetengine-logging-sink-bq-editor	resource
google_bigquery_table.fleetengine-logging-sink-pubsub-bq-table	resource
google_logging_project_bucket_config.fleetengine-logging-logbucket	resource
google_logging_project_exclusion.log-exclusion-fleetengine	resource
google_logging_project_sink.fleetengine-logrouter-bigquery	resource
google_logging_project_sink.fleetengine-logrouter-logging	resource
google_logging_project_sink.fleetengine-logrouter-pubsub	resource
google_logging_project_sink.fleetengine-logrouter-storage	resource
google_project_iam_member.bq_data_editor	resource
google_project_iam_member.bq_metadata_viewer	resource
google_project_iam_member.iam_member_me	resource
google_project_iam_member.project_iam_loggingadmin	resource
google_project_iam_member.project_iam_loggingbucket_writer	resource
google_project_service.gcp_services	resource
google_project_service.gcp_services_bigquery	resource
google_project_service.gcp_services_logging	resource
google_project_service.gcp_services_pubsub	resource
google_project_service.gcp_services_storage	resource
google_pubsub_subscription.fleetengine-logging-subscription-bigquery	resource
google_pubsub_subscription.fleetengine-logging-subscription-default	resource
google_pubsub_topic.fleetengine-logging-sink-pubsub	resource
google_pubsub_topic_iam_member.fleetengine-logging-sink-topic-publisher	resource
google_storage_bucket.fleetengine-logging-sink-storage	resource
google_storage_bucket_iam_member.fleetengine-logging-sink-storage-editor	resource
google_project.project-fleetengine	data source
google_project.project-loggingsync	data source

Inputs

Name	Description	Type	Default	Required
BQ_DATASET	Name of BigQuery dataset to store logs	string	"fleetengine_logging"	no
FLAG_SETUP_LOGGING_BIGQUERY	whether to setup Logging or not for BigQuery	bool	true	no
FLAG_SETUP_LOGGING_CLOUDSTORAGE	whether to setup Logging or not for Cloud Storage Buckets	bool	false	no
FLAG_SETUP_LOGGING_EXCLUSION	whether to setup Logging exclusion for _Default	bool	false	no
FLAG_SETUP_LOGGING_LOGGING	whether to setup Logging or not for Logging Buckets	bool	false	no
FLAG_SETUP_LOGGING_PUBSUB	whether to setup Logging or not for Pub/Sub	bool	false	no
FLAG_SETUP_LOGGING_PUBSUB_SUB_BQ	whether to setup a push BigQuery subscription for the Pub/Sub topic	bool	false	no
FLAG_SETUP_LOGGING_PUBSUB_SUB_DEFAULT	whether to setup a subscription for the Pub/Sub topic	bool	false	no
GCP_REGION	For resources than can be constrained to sit within a GCP region, a region of preference.	string	"asia-southeast1"	no
GCP_ZONE	For resources than can be constrained to sit within a GCP zone, a zone of preference. This should be one of the zones in the selected GCP_REGION	string	"asia-southeast1-b"	no
LOG_FILTER	Filter applied to capture log events and send to sinks	string	"(\n resource.type=\"audited_resource\"\n resource.labels.service=\"fleetengine.googleapis.com\"\n resource.labels.method=\"maps.fleetengine.v1.TripService.ReportBillableTrip\"\n) \nOR resource.type=\"fleetengine.googleapis.com/Fleet\"\nOR resource.type=\"fleetengine.googleapis.com/DeliveryFleet\"\n"	no
ME	user account running terraform	string	n/a	yes
PROJECT_FLEETENGINE	The project with Fleet Engine (ODRD/LMFS) enabled.	string	n/a	yes
PROJECT_LOGGINGSYNC	The project where the Logging data will be persisted	string	n/a	yes
PUBSUB_TOPIC_NAME	Name of Pub/Sub topic to publish log events	string	"fleetengine-logging-topic"	no
RETENTION	Data retention period in days	number	30	no

Outputs

Name	Description
console-links	direct link to related pages in Cloud Console
fleetengine-log-sinks	Log Sink details
fleetengine-logrouters	Log router details