Log format (#4)

* Add custom log format

* Add custom log format

* update docs

Author: anishkumarait

.pre-commit-config.yaml

@@ -18,7 +18,7 @@ repos:
     args: ['--allow-missing-credentials']
   - id: trailing-whitespace
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.96.2
+  rev: v1.99.5
   hooks:
   - id: terraform_fmt
   - id: terraform_docs

README.md

@@ -59,6 +59,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_cloudwatch_log_group_name"></a> [cloudwatch\_log\_group\_name](#input\_cloudwatch\_log\_group\_name) | Custom name used for cloudwatch log group | `string` | `null` | no |
 | <a name="input_kms_key_id"></a> [kms\_key\_id](#input\_kms\_key\_id) | The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group, AWS CloudWatch Logs stops encrypting newly ingested data for the log group. All previously ingested data remains encrypted, and AWS CloudWatch Logs requires permissions for the CMK whenever the encrypted data is requested. | `string` | `null` | no |
+| <a name="input_log_format"></a> [log\_format](#input\_log\_format) | Custom format for flow log records | `string` | `null` | no |
 | <a name="input_max_aggregation_interval"></a> [max\_aggregation\_interval](#input\_max\_aggregation\_interval) | The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. Valid Values: 60 seconds (1 minute) or 600 seconds (10 minutes) | `string` | `"600"` | no |
 | <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | A prefix used for naming resources. | `string` | n/a | yes |
 | <a name="input_retention_in_days"></a> [retention\_in\_days](#input\_retention\_in\_days) | Specifies the number of days you want to retain log events in the specified log group. | `string` | `null` | no |

examples/core/main.tf

@@ -22,6 +22,7 @@ module "flow-logs" {
   traffic_type = "ALL"
   # retention_in_days = 30
   # max_aggregation_interval = 60
+  # log_format = "$${interface-id} $${account-id} $${srcaddr} $${dstaddr} $${srcport} $${dstport} $${action} $${log-status}"
 
   tags = {
     Environment = "test"

main.tf

@@ -48,5 +48,7 @@ resource "aws_flow_log" "flow_logs" {
 
   max_aggregation_interval = var.max_aggregation_interval
 
+  log_format = var.log_format
+
   tags = var.tags
 }

variables.tf

@@ -62,3 +62,9 @@ variable "cloudwatch_log_group_name" {
   type        = string
   default     = null
 }
+
+variable "log_format" {
+  description = "Custom format for flow log records"
+  type        = string
+  default     = null
+}