added support for analyticscloud log (oracle-terraform-modules#25)

Author: karthicgit

locals.tf

@@ -2,6 +2,10 @@
 #Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
 locals {
+
+  analyticscloudlogdef   = { for k, v in var.service_logdef : k => v if v.service == "oacnativeproduction" }
+  analyticscloudloggroup = [for k, v in var.service_logdef : v.loggroup if v.service == "oacnativeproduction"]
+
   apigwlogdef   = { for k, v in var.service_logdef : k => v if v.service == "apigateway" }
   apigwloggroup = [for k, v in var.service_logdef : v.loggroup if v.service == "apigateway"]
 

main.tf

@@ -1,6 +1,18 @@
 #Copyright (c) 2021, 2023 Oracle Corporation and/or its affiliates.
 #Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
 
+#Analytics Cloud loggroup resource
+resource "oci_logging_log_group" "analyticscloudloggroup" {
+
+  for_each = toset(local.analyticscloudloggroup)
+
+  compartment_id = var.compartment_id
+  description    = "Oracle Analytics Cloud Loggroup"
+  display_name   = var.label_prefix == "none" ? each.value : format("%s-%s", var.label_prefix, each.value)
+  freeform_tags  = var.loggroup_tags
+
+}
+
 #APIGateway loggroup resource
 resource "oci_logging_log_group" "apigwloggroup" {
 
@@ -304,6 +316,18 @@ module "mediaflowlog" {
 
 }
 
+module "analyticscloudlog" {
+  source                 = "./modules/analyticscloud"
+  compartment_id         = var.compartment_id
+  label_prefix           = var.label_prefix
+  logdefinition          = local.analyticscloudlogdef
+  log_retention_duration = var.log_retention_duration
+  loggroup               = oci_logging_log_group.analyticscloudloggroup
+
+  count = length(local.analyticscloudlogdef) >= 1 ? 1 : 0
+
+}
+
 module "objectstorelog" {
   source                 = "./modules/objectstorage"
   compartment_id         = var.compartment_id

modules/analyticscloud/analyticscloudlog.tf

@@ -0,0 +1,54 @@
+#Copyright (c) 2023 Oracle Corporation and/or its affiliates.
+#Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+data "oci_analytics_analytics_instances" "analyticscloud" {
+  for_each = var.logdefinition
+
+  compartment_id = var.compartment_id
+
+  name  = each.value.resource
+  state = "ACTIVE"
+}
+
+
+resource "oci_logging_log" "analyticscloud_audit_log" {
+
+
+  for_each = var.logdefinition
+
+  display_name = var.label_prefix == "none" ? format("%s%s", "audit", each.key) : format("%s-%s%s", var.label_prefix, "access", each.key)
+  log_group_id = var.loggroup[each.value.loggroup].id
+  log_type     = "SERVICE"
+  configuration {
+    source {
+      category    = "audit"
+      resource    = data.oci_analytics_analytics_instances.analyticscloud[each.key].analytics_instances.0.id
+      service     = "oacnativeproduction"
+      source_type = "OCISERVICE"
+    }
+  }
+
+  is_enabled         = lookup(each.value, "enable", true)
+  retention_duration = var.log_retention_duration
+
+}
+
+resource "oci_logging_log" "analyticscloud_diag_log" {
+  for_each = var.logdefinition
+
+  display_name = var.label_prefix == "none" ? format("%s%s", "diagnostic", each.key) : format("%s-%s%s", var.label_prefix, "exec", each.key)
+  log_group_id = var.loggroup[each.value.loggroup].id
+  log_type     = "SERVICE"
+  configuration {
+    source {
+      category    = "diagnostic"
+      resource    = data.oci_analytics_analytics_instances.analyticscloud[each.key].analytics_instances.0.id
+      service     = "oacnativeproduction"
+      source_type = "OCISERVICE"
+    }
+  }
+
+  is_enabled         = lookup(each.value, "enable", true)
+  retention_duration = var.log_retention_duration
+
+}

modules/analyticscloud/outputs.tf

@@ -0,0 +1,14 @@
+#Copyright (c) 2023 Oracle Corporation and/or its affiliates.
+#Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+output "analyticscloud_auditlogid" {
+  value = { for v in oci_logging_log.analyticscloud_audit_log : v.display_name => v.id }
+}
+
+output "analyticscloud_diaglogid" {
+  value = { for v in oci_logging_log.analyticscloud_diag_log : v.display_name => v.id }
+}
+
+output "analyticscloud_loggroupid" {
+  value = { for k, v in var.loggroup : v.display_name => v.id }
+}

modules/analyticscloud/variables.tf

@@ -0,0 +1,27 @@
+#Copyright (c) 2023 Oracle Corporation and/or its affiliates.
+#Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+variable "label_prefix" {
+  default     = "none"
+  description = "A string that will be prepended to log resources."
+  type        = string
+}
+variable "logdefinition" {
+  type        = map(any)
+  description = "Log definition"
+}
+
+variable "log_retention_duration" {
+  type        = string
+  description = "Duration to retain logs"
+}
+
+variable "compartment_id" {
+  type        = string
+  description = "Compartment ID where the resources will be created"
+}
+
+variable "loggroup" {
+  type        = map(any)
+  description = "Log Group"
+}

modules/analyticscloud/versions.tf

@@ -0,0 +1,12 @@
+#Copyright (c) 2023 Oracle Corporation and/or its affiliates.
+#Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl
+
+terraform {
+  required_providers {
+    oci = {
+      source  = "oracle/oci"
+      version = ">= 4.67.3"
+    }
+  }
+  required_version = ">= 1.0.0"
+}

modules/apigateway/apigwlog.tf

@@ -6,7 +6,6 @@ data "oci_apigateway_deployments" "apigw_deployments" {
   for_each       = var.logdefinition
   compartment_id = var.compartment_id
 
-  #Optional
   display_name = each.value.resource
   state        = "ACTIVE"
 }

modules/custom/customlog.tf

@@ -23,7 +23,6 @@ resource "oci_logging_unified_agent_configuration" "linux_unified_agent_configur
 
     configuration_type = "LOGGING"
 
-    #Optional
     destination {
 
       log_object_id = oci_logging_log.linux_log[each.key].id
@@ -148,7 +147,6 @@ resource "oci_logging_unified_agent_configuration" "windows_unified_agent_config
 
     configuration_type = "LOGGING"
 
-    #Optional
     destination {
 
       log_object_id = oci_logging_log.win_log[each.key].id
@@ -158,21 +156,15 @@ resource "oci_logging_unified_agent_configuration" "windows_unified_agent_config
 
       source_type = "WINDOWS_EVENT_LOG"
 
-      #Optional
+
       channels = lookup(each.value, "channel", ["Application"])
       name     = each.key
     }
 
   }
-  #Optional
-  #   defined_tags = {
-  #     "${oci_identity_tag_namespace.tag-namespace1.name}.${oci_identity_tag.tag1.name}" = var.log_group_defined_tags_value
-  #   }
 
-  #   freeform_tags = var.unified_agent_configuration_freeform_tags
   group_association {
 
-    #Optional
     group_list = [data.oci_identity_dynamic_groups.win_dynamic_groups[each.key].dynamic_groups.0.id]
   }
 
@@ -210,7 +202,6 @@ data "oci_identity_dynamic_groups" "linux_dynamic_groups" {
   for_each       = local.logdef
   compartment_id = var.tenancy_id
 
-  #Optional
   name  = each.value.dg
   state = "ACTIVE"
 }
@@ -220,7 +211,6 @@ data "oci_identity_dynamic_groups" "win_dynamic_groups" {
   for_each       = local.winlogdef
   compartment_id = var.tenancy_id
 
-  #Optional
   name  = each.value.dg
   state = "ACTIVE"
 }

modules/emaildelivery/emaillog.tf

@@ -5,8 +5,6 @@ data "oci_email_email_domains" "email_domains" {
   for_each       = var.logdefinition
   compartment_id = var.compartment_id
 
-  #Optional
-  #id    = var.email_domain_id
   name  = each.value.resource
   state = "ACTIVE"
 }

modules/event/eventlog.tf

@@ -5,7 +5,6 @@ data "oci_events_rules" "event_rules" {
   for_each       = var.logdefinition
   compartment_id = var.compartment_id
 
-  #Optional
   display_name = each.value.resource
   state        = "ACTIVE"
 }

modules/function/functionlog.tf

@@ -6,7 +6,6 @@ data "oci_functions_applications" "func_apps" {
   for_each       = var.logdefinition
   compartment_id = var.compartment_id
 
-  #Optional
   display_name = each.value.resource
 
 }

modules/integration/intlog.tf

@@ -5,7 +5,6 @@ data "oci_integration_integration_instances" "integration_instances" {
   for_each       = var.logdefinition
   compartment_id = var.compartment_id
 
-  #Optional
   display_name = each.value.resource
   state        = "ACTIVE"
 }

terraform.tfvars.example

@@ -34,7 +34,8 @@ service_logdef = {
     #intlog = {loggroup="intloggroup",service="integration",resource="<integrationinstance>"}
     #waflog = {loggroup="wafloggroup",service="waf",resource="<firewallname>"}
     #medialog = {loggroup="medialoggroup",service="mediaflow",resource="<mediaworkflow>"}
-    #apmlog = {loggroup="apmloggroup",service="apm",resource="apmdomain"}
+    #apmlog = {loggroup="apmloggroup",service="apm",resource="<apmdomain>"}
+    #OAClog = {loggroup="OACloggroup",service="oacnativeproduction",resource="<OACinstance>"}
 
   }