Terraform module for GCP Logwarden
No modules.
| Name |
Description |
Type |
Default |
Required |
| config_secret_id |
GCP Secret Manager secret name/id for environment variable string. |
string |
n/a |
yes |
| container_args |
Runtime arguments for logwarden |
list(string) |
[] |
no |
| docker_image |
Docker image for the logwarden tool. Used by Cloud Run |
string |
n/a |
yes |
| environment |
Environment of app, service, or context using this module. |
string |
n/a |
yes |
| ingress |
Ingress settings for the Google Cloud Run service |
string |
"INGRESS_TRAFFIC_INTERNAL_ONLY" |
no |
| logging_sink_filter |
n/a |
string |
"LOG_ID(\"cloudaudit.googleapis.com/activity\") OR LOG_ID(\"externalaudit.googleapis.com/activity\") OR LOG_ID(\"cloudaudit.googleapis.com/system_event\") OR LOG_ID(\"externalaudit.googleapis.com/system_event\") OR LOG_ID(\"cloudaudit.googleapis.com/access_transparency\") OR LOG_ID(\"externalaudit.googleapis.com/access_transparency\")\n-protoPayload.serviceName=\"k8s.io\"\n" |
no |
| organization_id |
ID of the parent organization. |
string |
n/a |
yes |
| policy_source_dir |
Repository folder where rego policies are stored. |
string |
n/a |
yes |
| project_id |
ID of the parent project. Needed for service account IAM bindings. |
string |
n/a |
yes |
| region |
Region to place the CloudRun function in. |
string |
n/a |
yes |
| Name |
Description |
| cloud_run_url |
URL of the deployed Cloud Run service |
| policy_bucket_name |
Name of the GCS bucket where rego policies are uploaded. |
| topic_name |
Name of the PubSub topic where log messages are consumed. |