Support for VNet in azurerm_network_watcher_flow_log

[terrymandin]

Is there an existing issue for this?

• I have searched the existing issues

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Description

I am creating a Terraform Azure Verified Module for Flow Logs. We have a requirement to create a flow log as part of the VNet creation. This is supported in the portal:

but not in the provider. Please add this capability.

I believe that the network_security_group_id variable should be renamed to target_resource_id similar to azapi. I confirmed that setting this to a VNet also works. It doesn't have to be just a NSG.

New or Affected Resource(s)/Data Source(s)

azurerm_network_watcher_flow_log

Potential Terraform Configuration

resource "azurerm_network_watcher_flow_log" "test" {
  network_watcher_name = azurerm_network_watcher.test.name
  resource_group_name  = azurerm_resource_group.example.name
  name                 = "example-log"

  target_resource_id        = azurerm_virtual_network.this.id
  storage_account_id        = azurerm_storage_account.test.id
  enabled                   = true

  retention_policy {
    enabled = true
    days    = 7
  }

  traffic_analytics {
    enabled               = true
    workspace_id          = azurerm_log_analytics_workspace.test.workspace_id
    workspace_region      = azurerm_log_analytics_workspace.test.location
    workspace_resource_id = azurerm_log_analytics_workspace.test.id
    interval_in_minutes   = 10
  }
}

References

No response