Project
data class ProjectBucketConfigArgs(val bucketId: Output<String>? = null, val cmekSettings: Output<ProjectBucketConfigCmekSettingsArgs>? = null, val description: Output<String>? = null, val enableAnalytics: Output<Boolean>? = null, val indexConfigs: Output<List<ProjectBucketConfigIndexConfigArgs>>? = null, val location: Output<String>? = null, val locked: Output<Boolean>? = null, val project: Output<String>? = null, val retentionDays: Output<Int>? = null) : ConvertibleToJava<ProjectBucketConfigArgs>
Manages a project-level logging bucket config. For more information see the official logging documentation and Storing Logs.
Note: Logging buckets are automatically created for a given folder, project, organization, billingAccount and cannot be deleted. Creating a resource of this type will acquire and update the resource that already exists at the desired location. These buckets cannot be removed so deleting this resource will remove the bucket config from your state but will leave the logging bucket unchanged. The buckets that are currently automatically created are "_Default" and "_Required".
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.organizations.Project("default", {
projectId: "your-project-id",
name: "your-project-id",
orgId: "123456789",
});
const basic = new gcp.logging.ProjectBucketConfig("basic", {
project: _default.projectId,
location: "global",
retentionDays: 30,
bucketId: "_Default",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.organizations.Project("default",
project_id="your-project-id",
name="your-project-id",
org_id="123456789")
basic = gcp.logging.ProjectBucketConfig("basic",
project=default.project_id,
location="global",
retention_days=30,
bucket_id="_Default")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.Organizations.Project("default", new()
{
ProjectId = "your-project-id",
Name = "your-project-id",
OrgId = "123456789",
});
var basic = new Gcp.Logging.ProjectBucketConfig("basic", new()
{
Project = @default.ProjectId,
Location = "global",
RetentionDays = 30,
BucketId = "_Default",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/logging"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := organizations.NewProject(ctx, "default", &organizations.ProjectArgs{
ProjectId: pulumi.String("your-project-id"),
Name: pulumi.String("your-project-id"),
OrgId: pulumi.String("123456789"),
})
if err != nil {
return err
}
_, err = logging.NewProjectBucketConfig(ctx, "basic", &logging.ProjectBucketConfigArgs{
Project: _default.ProjectId,
Location: pulumi.String("global"),
RetentionDays: pulumi.Int(30),
BucketId: pulumi.String("_Default"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.Project;
import com.pulumi.gcp.organizations.ProjectArgs;
import com.pulumi.gcp.logging.ProjectBucketConfig;
import com.pulumi.gcp.logging.ProjectBucketConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Project("default", ProjectArgs.builder()
.projectId("your-project-id")
.name("your-project-id")
.orgId("123456789")
.build());
var basic = new ProjectBucketConfig("basic", ProjectBucketConfigArgs.builder()
.project(default_.projectId())
.location("global")
.retentionDays(30)
.bucketId("_Default")
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:organizations:Project
properties:
projectId: your-project-id
name: your-project-id
orgId: '123456789'
basic:
type: gcp:logging:ProjectBucketConfig
properties:
project: ${default.projectId}
location: global
retentionDays: 30
bucketId: _DefaultContent copied to clipboard
Create logging bucket with customId
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const basic = new gcp.logging.ProjectBucketConfig("basic", {
project: "project_id",
location: "global",
retentionDays: 30,
bucketId: "custom-bucket",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
basic = gcp.logging.ProjectBucketConfig("basic",
project="project_id",
location="global",
retention_days=30,
bucket_id="custom-bucket")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var basic = new Gcp.Logging.ProjectBucketConfig("basic", new()
{
Project = "project_id",
Location = "global",
RetentionDays = 30,
BucketId = "custom-bucket",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/logging"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := logging.NewProjectBucketConfig(ctx, "basic", &logging.ProjectBucketConfigArgs{
Project: pulumi.String("project_id"),
Location: pulumi.String("global"),
RetentionDays: pulumi.Int(30),
BucketId: pulumi.String("custom-bucket"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.logging.ProjectBucketConfig;
import com.pulumi.gcp.logging.ProjectBucketConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var basic = new ProjectBucketConfig("basic", ProjectBucketConfigArgs.builder()
.project("project_id")
.location("global")
.retentionDays(30)
.bucketId("custom-bucket")
.build());
}
}Content copied to clipboard
resources:
basic:
type: gcp:logging:ProjectBucketConfig
properties:
project: project_id
location: global
retentionDays: 30
bucketId: custom-bucketContent copied to clipboard
Create logging bucket with Log Analytics enabled
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const analytics_enabled_bucket = new gcp.logging.ProjectBucketConfig("analytics-enabled-bucket", {
project: "project_id",
location: "global",
retentionDays: 30,
enableAnalytics: true,
bucketId: "custom-bucket",
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
analytics_enabled_bucket = gcp.logging.ProjectBucketConfig("analytics-enabled-bucket",
project="project_id",
location="global",
retention_days=30,
enable_analytics=True,
bucket_id="custom-bucket")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var analytics_enabled_bucket = new Gcp.Logging.ProjectBucketConfig("analytics-enabled-bucket", new()
{
Project = "project_id",
Location = "global",
RetentionDays = 30,
EnableAnalytics = true,
BucketId = "custom-bucket",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/logging"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := logging.NewProjectBucketConfig(ctx, "analytics-enabled-bucket", &logging.ProjectBucketConfigArgs{
Project: pulumi.String("project_id"),
Location: pulumi.String("global"),
RetentionDays: pulumi.Int(30),
EnableAnalytics: pulumi.Bool(true),
BucketId: pulumi.String("custom-bucket"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.logging.ProjectBucketConfig;
import com.pulumi.gcp.logging.ProjectBucketConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var analytics_enabled_bucket = new ProjectBucketConfig("analytics-enabled-bucket", ProjectBucketConfigArgs.builder()
.project("project_id")
.location("global")
.retentionDays(30)
.enableAnalytics(true)
.bucketId("custom-bucket")
.build());
}
}Content copied to clipboard
resources:
analytics-enabled-bucket:
type: gcp:logging:ProjectBucketConfig
properties:
project: project_id
location: global
retentionDays: 30
enableAnalytics: true
bucketId: custom-bucketContent copied to clipboard
Create logging bucket with customId and cmekSettings
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const cmekSettings = gcp.logging.getProjectCmekSettings({
project: "project_id",
});
const keyring = new gcp.kms.KeyRing("keyring", {
name: "keyring-example",
location: "us-central1",
});
const key = new gcp.kms.CryptoKey("key", {
name: "crypto-key-example",
keyRing: keyring.id,
rotationPeriod: "7776000s",
});
const cryptoKeyBinding = new gcp.kms.CryptoKeyIAMBinding("crypto_key_binding", {
cryptoKeyId: key.id,
role: "roles/cloudkms.cryptoKeyEncrypterDecrypter",
members: [cmekSettings.then(cmekSettings => `serviceAccount:${cmekSettings.serviceAccountId}`)],
});
const example_project_bucket_cmek_settings = new gcp.logging.ProjectBucketConfig("example-project-bucket-cmek-settings", {
project: "project_id",
location: "us-central1",
retentionDays: 30,
bucketId: "custom-bucket",
cmekSettings: {
kmsKeyName: key.id,
},
}, {
dependsOn: [cryptoKeyBinding],
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
cmek_settings = gcp.logging.get_project_cmek_settings(project="project_id")
keyring = gcp.kms.KeyRing("keyring",
name="keyring-example",
location="us-central1")
key = gcp.kms.CryptoKey("key",
name="crypto-key-example",
key_ring=keyring.id,
rotation_period="7776000s")
crypto_key_binding = gcp.kms.CryptoKeyIAMBinding("crypto_key_binding",
crypto_key_id=key.id,
role="roles/cloudkms.cryptoKeyEncrypterDecrypter",
members=[f"serviceAccount:{cmek_settings.service_account_id}"])
example_project_bucket_cmek_settings = gcp.logging.ProjectBucketConfig("example-project-bucket-cmek-settings",
project="project_id",
location="us-central1",
retention_days=30,
bucket_id="custom-bucket",
cmek_settings={
"kms_key_name": key.id,
},
opts = pulumi.ResourceOptions(depends_on=[crypto_key_binding]))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var cmekSettings = Gcp.Logging.GetProjectCmekSettings.Invoke(new()
{
Project = "project_id",
});
var keyring = new Gcp.Kms.KeyRing("keyring", new()
{
Name = "keyring-example",
Location = "us-central1",
});
var key = new Gcp.Kms.CryptoKey("key", new()
{
Name = "crypto-key-example",
KeyRing = keyring.Id,
RotationPeriod = "7776000s",
});
var cryptoKeyBinding = new Gcp.Kms.CryptoKeyIAMBinding("crypto_key_binding", new()
{
CryptoKeyId = key.Id,
Role = "roles/cloudkms.cryptoKeyEncrypterDecrypter",
Members = new[]
{
$"serviceAccount:{cmekSettings.Apply(getProjectCmekSettingsResult => getProjectCmekSettingsResult.ServiceAccountId)}",
},
});
var example_project_bucket_cmek_settings = new Gcp.Logging.ProjectBucketConfig("example-project-bucket-cmek-settings", new()
{
Project = "project_id",
Location = "us-central1",
RetentionDays = 30,
BucketId = "custom-bucket",
CmekSettings = new Gcp.Logging.Inputs.ProjectBucketConfigCmekSettingsArgs
{
KmsKeyName = key.Id,
},
}, new CustomResourceOptions
{
DependsOn =
{
cryptoKeyBinding,
},
});
});Content copied to clipboard
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/logging"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cmekSettings, err := logging.GetProjectCmekSettings(ctx, &logging.GetProjectCmekSettingsArgs{
Project: "project_id",
}, nil)
if err != nil {
return err
}
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Name: pulumi.String("keyring-example"),
Location: pulumi.String("us-central1"),
})
if err != nil {
return err
}
key, err := kms.NewCryptoKey(ctx, "key", &kms.CryptoKeyArgs{
Name: pulumi.String("crypto-key-example"),
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("7776000s"),
})
if err != nil {
return err
}
cryptoKeyBinding, err := kms.NewCryptoKeyIAMBinding(ctx, "crypto_key_binding", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: key.ID(),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypterDecrypter"),
Members: pulumi.StringArray{
pulumi.Sprintf("serviceAccount:%v", cmekSettings.ServiceAccountId),
},
})
if err != nil {
return err
}
_, err = logging.NewProjectBucketConfig(ctx, "example-project-bucket-cmek-settings", &logging.ProjectBucketConfigArgs{
Project: pulumi.String("project_id"),
Location: pulumi.String("us-central1"),
RetentionDays: pulumi.Int(30),
BucketId: pulumi.String("custom-bucket"),
CmekSettings: &logging.ProjectBucketConfigCmekSettingsArgs{
KmsKeyName: key.ID(),
},
}, pulumi.DependsOn([]pulumi.Resource{
cryptoKeyBinding,
}))
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.logging.LoggingFunctions;
import com.pulumi.gcp.logging.inputs.GetProjectCmekSettingsArgs;
import com.pulumi.gcp.kms.KeyRing;
import com.pulumi.gcp.kms.KeyRingArgs;
import com.pulumi.gcp.kms.CryptoKey;
import com.pulumi.gcp.kms.CryptoKeyArgs;
import com.pulumi.gcp.kms.CryptoKeyIAMBinding;
import com.pulumi.gcp.kms.CryptoKeyIAMBindingArgs;
import com.pulumi.gcp.logging.ProjectBucketConfig;
import com.pulumi.gcp.logging.ProjectBucketConfigArgs;
import com.pulumi.gcp.logging.inputs.ProjectBucketConfigCmekSettingsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var cmekSettings = LoggingFunctions.getProjectCmekSettings(GetProjectCmekSettingsArgs.builder()
.project("project_id")
.build());
var keyring = new KeyRing("keyring", KeyRingArgs.builder()
.name("keyring-example")
.location("us-central1")
.build());
var key = new CryptoKey("key", CryptoKeyArgs.builder()
.name("crypto-key-example")
.keyRing(keyring.id())
.rotationPeriod("7776000s")
.build());
var cryptoKeyBinding = new CryptoKeyIAMBinding("cryptoKeyBinding", CryptoKeyIAMBindingArgs.builder()
.cryptoKeyId(key.id())
.role("roles/cloudkms.cryptoKeyEncrypterDecrypter")
.members(String.format("serviceAccount:%s", cmekSettings.applyValue(getProjectCmekSettingsResult -> getProjectCmekSettingsResult.serviceAccountId())))
.build());
var example_project_bucket_cmek_settings = new ProjectBucketConfig("example-project-bucket-cmek-settings", ProjectBucketConfigArgs.builder()
.project("project_id")
.location("us-central1")
.retentionDays(30)
.bucketId("custom-bucket")
.cmekSettings(ProjectBucketConfigCmekSettingsArgs.builder()
.kmsKeyName(key.id())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(cryptoKeyBinding)
.build());
}
}Content copied to clipboard
resources:
keyring:
type: gcp:kms:KeyRing
properties:
name: keyring-example
location: us-central1
key:
type: gcp:kms:CryptoKey
properties:
name: crypto-key-example
keyRing: ${keyring.id}
rotationPeriod: 7776000s
cryptoKeyBinding:
type: gcp:kms:CryptoKeyIAMBinding
name: crypto_key_binding
properties:
cryptoKeyId: ${key.id}
role: roles/cloudkms.cryptoKeyEncrypterDecrypter
members:
- serviceAccount:${cmekSettings.serviceAccountId}
example-project-bucket-cmek-settings:
type: gcp:logging:ProjectBucketConfig
properties:
project: project_id
location: us-central1
retentionDays: 30
bucketId: custom-bucket
cmekSettings:
kmsKeyName: ${key.id}
options:
dependson:
- ${cryptoKeyBinding}
variables:
cmekSettings:
fn::invoke:
Function: gcp:logging:getProjectCmekSettings
Arguments:
project: project_idContent copied to clipboard
Create logging bucket with index configs
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const example_project_bucket_index_configs = new gcp.logging.ProjectBucketConfig("example-project-bucket-index-configs", {
project: "project_id",
location: "global",
retentionDays: 30,
bucketId: "custom-bucket",
indexConfigs: [{
fieldPath: "jsonPayload.request.status",
type: "INDEX_TYPE_STRING",
}],
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
example_project_bucket_index_configs = gcp.logging.ProjectBucketConfig("example-project-bucket-index-configs",
project="project_id",
location="global",
retention_days=30,
bucket_id="custom-bucket",
index_configs=[{
"field_path": "jsonPayload.request.status",
"type": "INDEX_TYPE_STRING",
}])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var example_project_bucket_index_configs = new Gcp.Logging.ProjectBucketConfig("example-project-bucket-index-configs", new()
{
Project = "project_id",
Location = "global",
RetentionDays = 30,
BucketId = "custom-bucket",
IndexConfigs = new[]
{
new Gcp.Logging.Inputs.ProjectBucketConfigIndexConfigArgs
{
FieldPath = "jsonPayload.request.status",
Type = "INDEX_TYPE_STRING",
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/logging"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := logging.NewProjectBucketConfig(ctx, "example-project-bucket-index-configs", &logging.ProjectBucketConfigArgs{
Project: pulumi.String("project_id"),
Location: pulumi.String("global"),
RetentionDays: pulumi.Int(30),
BucketId: pulumi.String("custom-bucket"),
IndexConfigs: logging.ProjectBucketConfigIndexConfigArray{
&logging.ProjectBucketConfigIndexConfigArgs{
FieldPath: pulumi.String("jsonPayload.request.status"),
Type: pulumi.String("INDEX_TYPE_STRING"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.logging.ProjectBucketConfig;
import com.pulumi.gcp.logging.ProjectBucketConfigArgs;
import com.pulumi.gcp.logging.inputs.ProjectBucketConfigIndexConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example_project_bucket_index_configs = new ProjectBucketConfig("example-project-bucket-index-configs", ProjectBucketConfigArgs.builder()
.project("project_id")
.location("global")
.retentionDays(30)
.bucketId("custom-bucket")
.indexConfigs(ProjectBucketConfigIndexConfigArgs.builder()
.fieldPath("jsonPayload.request.status")
.type("INDEX_TYPE_STRING")
.build())
.build());
}
}Content copied to clipboard
resources:
example-project-bucket-index-configs:
type: gcp:logging:ProjectBucketConfig
properties:
project: project_id
location: global
retentionDays: 30
bucketId: custom-bucket
indexConfigs:
- fieldPath: jsonPayload.request.status
type: INDEX_TYPE_STRINGContent copied to clipboard
Import
This resource can be imported using the following format:
projects/{{project}}/locations/{{location}}/buckets/{{bucket_id}}When using thepulumi importcommand, this resource can be imported using one of the formats above. For example:
$ pulumi import gcp:logging/projectBucketConfig:ProjectBucketConfig default projects/{{project}}/locations/{{location}}/buckets/{{bucket_id}}Content copied to clipboard
Constructors
Link copied to clipboard
constructor(bucketId: Output<String>? = null, cmekSettings: Output<ProjectBucketConfigCmekSettingsArgs>? = null, description: Output<String>? = null, enableAnalytics: Output<Boolean>? = null, indexConfigs: Output<List<ProjectBucketConfigIndexConfigArgs>>? = null, location: Output<String>? = null, locked: Output<Boolean>? = null, project: Output<String>? = null, retentionDays: Output<Int>? = null)
Properties
Link copied to clipboard
The CMEK settings of the log bucket. If present, new log entries written to this log bucket are encrypted using the CMEK key provided in this configuration. If a log bucket has CMEK settings, the CMEK settings cannot be disabled later by updating the log bucket. Changing the KMS key is allowed. Structure is documented below.
Link copied to clipboard
Describes this bucket.
Link copied to clipboard
Whether or not Log Analytics is enabled. Logs for buckets with Log Analytics enabled can be queried in the Log Analytics page using SQL queries. Cannot be disabled once enabled.
Link copied to clipboard
A list of indexed fields and related configuration data. Structure is documented below.
Link copied to clipboard
Logs will be retained by default for this amount of time, after which they will automatically be deleted. The minimum retention period is 1 day. If this value is set to zero at bucket creation time, the default time of 30 days will be used.