diff --git a/aws/resource_aws_storagegateway_gateway.go b/aws/resource_aws_storagegateway_gateway.go index 6a76a1d6ab2..6389fc922d3 100644 --- a/aws/resource_aws_storagegateway_gateway.go +++ b/aws/resource_aws_storagegateway_gateway.go @@ -124,6 +124,11 @@ func resourceAwsStorageGatewayGateway() *schema.Resource { }, false), }, "tags": tagsSchema(), + "cloudwatch_log_group_arn": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validateArn, + }, }, } } @@ -272,6 +277,19 @@ func resourceAwsStorageGatewayGatewayCreate(d *schema.ResourceData, meta interfa } } + if v, ok := d.GetOk("cloudwatch_log_group_arn"); ok && v.(string) != "" { + input := &storagegateway.UpdateGatewayInformationInput{ + GatewayARN: aws.String(d.Id()), + CloudWatchLogGroupARN: aws.String(v.(string)), + } + + log.Printf("[DEBUG] Storage Gateway Gateway %q setting CloudWatch Log Group", input) + _, err := conn.UpdateGatewayInformation(input) + if err != nil { + return fmt.Errorf("error setting CloudWatch Log Group: %s", err) + } + } + return resourceAwsStorageGatewayGatewayRead(d, meta) } @@ -371,6 +389,7 @@ func resourceAwsStorageGatewayGatewayRead(d *schema.ResourceData, meta interface // The Storage Gateway API currently provides no way to read this value // We allow Terraform to passthrough the configuration value into the state d.Set("tape_drive_type", d.Get("tape_drive_type").(string)) + d.Set("cloudwatch_log_group_arn", output.CloudWatchLogGroupARN) return nil } @@ -378,11 +397,12 @@ func resourceAwsStorageGatewayGatewayRead(d *schema.ResourceData, meta interface func resourceAwsStorageGatewayGatewayUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).storagegatewayconn - if d.HasChange("gateway_name") || d.HasChange("gateway_timezone") { + if d.HasChange("gateway_name") || d.HasChange("gateway_timezone") || d.HasChange("cloudwatch_log_group_arn") { input := &storagegateway.UpdateGatewayInformationInput{ - GatewayARN: aws.String(d.Id()), - GatewayName: aws.String(d.Get("gateway_name").(string)), - GatewayTimezone: aws.String(d.Get("gateway_timezone").(string)), + GatewayARN: aws.String(d.Id()), + GatewayName: aws.String(d.Get("gateway_name").(string)), + GatewayTimezone: aws.String(d.Get("gateway_timezone").(string)), + CloudWatchLogGroupARN: aws.String(d.Get("cloudwatch_log_group_arn").(string)), } log.Printf("[DEBUG] Updating Storage Gateway Gateway: %s", input) diff --git a/aws/resource_aws_storagegateway_gateway_test.go b/aws/resource_aws_storagegateway_gateway_test.go index 0a2ac6bcd26..720f4bf46c3 100644 --- a/aws/resource_aws_storagegateway_gateway_test.go +++ b/aws/resource_aws_storagegateway_gateway_test.go @@ -283,6 +283,34 @@ func TestAccAWSStorageGatewayGateway_GatewayName(t *testing.T) { }) } +func TestAccAWSStorageGatewayGateway_CloudWatchLogs(t *testing.T) { + var gateway storagegateway.DescribeGatewayInformationOutput + rName1 := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_storagegateway_gateway.test" + resourceName2 := "aws_cloudwatch_log_group.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSStorageGatewayGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSStorageGatewayGatewayConfig_Log_Group(rName1), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSStorageGatewayGatewayExists(resourceName, &gateway), + resource.TestCheckResourceAttrPair(resourceName, "cloudwatch_log_group_arn", resourceName2, "arn"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"activation_key", "gateway_ip_address"}, + }, + }, + }) +} + func TestAccAWSStorageGatewayGateway_GatewayTimezone(t *testing.T) { var gateway storagegateway.DescribeGatewayInformationOutput rName := acctest.RandomWithPrefix("tf-acc-test") @@ -595,6 +623,22 @@ resource "aws_storagegateway_gateway" "test" { `, rName) } +func testAccAWSStorageGatewayGatewayConfig_Log_Group(rName string) string { + return testAccAWSStorageGateway_FileGatewayBase(rName) + fmt.Sprintf(` +resource "aws_cloudwatch_log_group" "test" { + name = %[1]q +} + +resource "aws_storagegateway_gateway" "test" { + gateway_ip_address = "${aws_instance.test.public_ip}" + gateway_name = %[1]q + gateway_timezone = "GMT" + gateway_type = "FILE_S3" + cloudwatch_log_group_arn = "${aws_cloudwatch_log_group.test.arn}" +} +`, rName) +} + func testAccAWSStorageGatewayGatewayConfig_GatewayType_Stored(rName string) string { return testAccAWSStorageGateway_TapeAndVolumeGatewayBase(rName) + fmt.Sprintf(` resource "aws_storagegateway_gateway" "test" { diff --git a/website/docs/r/storagegateway_gateway.html.markdown b/website/docs/r/storagegateway_gateway.html.markdown index ee29150cc14..f8b0ab0186f 100644 --- a/website/docs/r/storagegateway_gateway.html.markdown +++ b/website/docs/r/storagegateway_gateway.html.markdown @@ -71,6 +71,7 @@ The following arguments are supported: * `activation_key` - (Optional) Gateway activation key during resource creation. Conflicts with `gateway_ip_address`. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html). * `gateway_ip_address` - (Optional) Gateway IP address to retrieve activation key during resource creation. Conflicts with `activation_key`. Gateway must be accessible on port 80 from where Terraform is running. Additional information is available in the [Storage Gateway User Guide](https://docs.aws.amazon.com/storagegateway/latest/userguide/get-activation-key.html). * `gateway_type` - (Optional) Type of the gateway. The default value is `STORED`. Valid values: `CACHED`, `FILE_S3`, `STORED`, `VTL`. +* `cloudwatch_log_group_arn` - (Optional) The Amazon Resource Name (ARN) of the Amazon CloudWatch log group to use to monitor and log events in the gateway. * `media_changer_type` - (Optional) Type of medium changer to use for tape gateway. Terraform cannot detect drift of this argument. Valid values: `STK-L700`, `AWS-Gateway-VTL`. * `smb_active_directory_settings` - (Optional) Nested argument with Active Directory domain join information for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `ActiveDirectory` authentication SMB file shares. More details below. * `smb_guest_password` - (Optional) Guest password for Server Message Block (SMB) file shares. Only valid for `FILE_S3` gateway type. Must be set before creating `GuestAccess` authentication SMB file shares. Terraform can only detect drift of the existence of a guest password, not its actual value from the gateway. Terraform can however update the password with changing the argument.