Add support for Log Analytics on logging-bucket module and bump provider version (#1423)

* first commit

* Bump provider versions

* Fix tests

modules/logging-bucket/README.md

@@ -20,6 +20,21 @@ module "bucket" {
 # tftest modules=1 resources=1 inventory=project.yaml
 ```
 
+### Create custom logging bucket in a project enabling Log Analytics and dataset link
+
+```hcl
+module "bucket" {
+  source      = "./fabric/modules/logging-bucket"
+  parent_type = "project"
+  parent      = var.project_id
+  id          = "mybucket"
+  log_analytics = {
+    enable          = true
+    dataset_link_id = "log"
+  }
+}
+# tftest modules=1 resources=2 inventory=log_analytics.yaml
+```
 
 ### Change retention period of a folder's _Default bucket
 
@@ -41,6 +56,7 @@ module "bucket-default" {
 ```
 
 ### Organization and billing account buckets
+
 ```hcl
 module "bucket-organization" {
   source      = "./fabric/modules/logging-bucket"
@@ -64,12 +80,13 @@ module "bucket-billing-account" {
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
 | [id](variables.tf#L23) | Name of the logging bucket. | <code>string</code> | ✓ |  |
-| [parent](variables.tf#L40) | ID of the parentresource containing the bucket in the format 'project_id' 'folders/folder_id', 'organizations/organization_id' or 'billing_account_id'. | <code>string</code> | ✓ |  |
-| [parent_type](variables.tf#L45) | Parent object type for the bucket (project, folder, organization, billing_account). | <code>string</code> | ✓ |  |
+| [parent](variables.tf#L50) | ID of the parentresource containing the bucket in the format 'project_id' 'folders/folder_id', 'organizations/organization_id' or 'billing_account_id'. | <code>string</code> | ✓ |  |
+| [parent_type](variables.tf#L55) | Parent object type for the bucket (project, folder, organization, billing_account). | <code>string</code> | ✓ |  |
 | [description](variables.tf#L17) | Human-readable description for the logging bucket. | <code>string</code> |  | <code>null</code> |
 | [kms_key_name](variables.tf#L28) | To enable CMEK for a project logging bucket, set this field to a valid name. The associated service account requires cloudkms.cryptoKeyEncrypterDecrypter roles assigned for the key. | <code>string</code> |  | <code>null</code> |
 | [location](variables.tf#L34) | Location of the bucket. | <code>string</code> |  | <code>&#34;global&#34;</code> |
-| [retention](variables.tf#L50) | Retention time in days for the logging bucket. | <code>number</code> |  | <code>30</code> |
+| [log_analytics](variables.tf#L40) | Enable and configure Analytics Log. | <code title="object&#40;&#123;&#10;  enable          &#61; optional&#40;bool, false&#41;&#10;  dataset_link_id &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> |  | <code>&#123;&#125;</code> |
+| [retention](variables.tf#L60) | Retention time in days for the logging bucket. | <code>number</code> |  | <code>30</code> |
 
 ## Outputs
 

modules/logging-bucket/main.tf

@@ -15,12 +15,13 @@
  */
 
 resource "google_logging_project_bucket_config" "bucket" {
-  count          = var.parent_type == "project" ? 1 : 0
-  project        = var.parent
-  location       = var.location
-  retention_days = var.retention
-  bucket_id      = var.id
-  description    = var.description
+  count            = var.parent_type == "project" ? 1 : 0
+  project          = var.parent
+  location         = var.location
+  retention_days   = var.retention
+  bucket_id        = var.id
+  description      = var.description
+  enable_analytics = var.log_analytics.enable
 
   dynamic "cmek_settings" {
     for_each = var.kms_key_name == null ? [] : [""]
@@ -39,6 +40,15 @@ resource "google_logging_folder_bucket_config" "bucket" {
   description    = var.description
 }
 
+resource "google_logging_linked_dataset" "dataset" {
+  count       = var.log_analytics.dataset_link_id != null && var.parent_type == "project" ? 1 : 0
+  link_id     = var.log_analytics.dataset_link_id
+  parent      = "projects/${google_logging_project_bucket_config.bucket[0].project}"
+  bucket      = google_logging_project_bucket_config.bucket[0].id
+  location    = var.location
+  description = "Log Analytics Dataset"
+}
+
 resource "google_logging_organization_bucket_config" "bucket" {
   count          = var.parent_type == "organization" ? 1 : 0
   organization   = var.parent

modules/logging-bucket/variables.tf

@@ -37,6 +37,16 @@ variable "location" {
   default     = "global"
 }
 
+variable "log_analytics" {
+  description = "Enable and configure Analytics Log."
+  type = object({
+    enable          = optional(bool, false)
+    dataset_link_id = optional(string)
+  })
+  nullable = false
+  default  = {}
+}
+
 variable "parent" {
   description = "ID of the parentresource containing the bucket in the format 'project_id' 'folders/folder_id', 'organizations/organization_id' or 'billing_account_id'."
   type        = string

modules/logging-bucket/versions.tf

@@ -17,11 +17,11 @@ terraform {
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = ">= 4.60.0" # tftest
+      version = ">= 4.64.0" # tftest
     }
     google-beta = {
       source  = "hashicorp/google-beta"
-      version = ">= 4.60.0" # tftest
+      version = ">= 4.64.0" # tftest
     }
   }
 }