vpc_flow_logs_configs
Creates, updates, deletes, gets or lists a vpc_flow_logs_configs resource.
Overview
| Name | vpc_flow_logs_configs |
| Type | Resource |
| Id | google.networkmanagement.vpc_flow_logs_configs |
Fields
The following fields are returned by SELECT queries:
- get
- list
- query_org_vpc_flow_logs_configs
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id} - For organization-level configurations: organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id} |
aggregationInterval | string | Optional. The aggregation interval for the logs. Default value is INTERVAL_5_SEC. |
createTime | string (google-datetime) | Output only. The time the config was created. |
crossProjectMetadata | string | Optional. Determines whether to include cross project annotations in the logs. This field is available only for organization configurations. If not specified in org configs will be set to CROSS_PROJECT_METADATA_ENABLED. |
description | string | Optional. The user-supplied description of the VPC Flow Logs configuration. Maximum of 512 characters. |
filterExpr | string | Optional. Export filter used to define which VPC Flow Logs should be logged. |
flowSampling | number (float) | Optional. The value of the field must be in (0, 1]. The sampling rate of VPC Flow Logs where 1.0 means all collected logs are reported. Setting the sampling rate to 0.0 is not allowed. If you want to disable VPC Flow Logs, use the state field instead. Default value is 1.0. |
interconnectAttachment | string | Traffic will be logged from the Interconnect Attachment. Format: projects/{project_id}/regions/{region}/interconnectAttachments/{name} |
labels | object | Optional. Resource labels to represent user-provided metadata. |
metadata | string | Optional. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default value is INCLUDE_ALL_METADATA. |
metadataFields | array | Optional. Custom metadata fields to include in the reported VPC flow logs. Can only be specified if "metadata" was set to CUSTOM_METADATA. |
network | string | Traffic will be logged from VMs, VPN tunnels and Interconnect Attachments within the network. Format: projects/{project_id}/global/networks/{name} |
state | string | Optional. The state of the VPC Flow Log configuration. Default value is ENABLED. When creating a new configuration, it must be enabled. Setting state=DISABLED will pause the log generation for this config. |
subnet | string | Traffic will be logged from VMs within the subnetwork. Format: projects/{project_id}/regions/{region}/subnetworks/{name} |
targetResourceState | string | Output only. Describes the state of the configured target resource for diagnostic purposes. |
updateTime | string (google-datetime) | Output only. The time the config was updated. |
vpnTunnel | string | Traffic will be logged from the VPN Tunnel. Format: projects/{project_id}/regions/{region}/vpnTunnels/{name} |
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id} - For organization-level configurations: organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id} |
aggregationInterval | string | Optional. The aggregation interval for the logs. Default value is INTERVAL_5_SEC. |
createTime | string (google-datetime) | Output only. The time the config was created. |
crossProjectMetadata | string | Optional. Determines whether to include cross project annotations in the logs. This field is available only for organization configurations. If not specified in org configs will be set to CROSS_PROJECT_METADATA_ENABLED. |
description | string | Optional. The user-supplied description of the VPC Flow Logs configuration. Maximum of 512 characters. |
filterExpr | string | Optional. Export filter used to define which VPC Flow Logs should be logged. |
flowSampling | number (float) | Optional. The value of the field must be in (0, 1]. The sampling rate of VPC Flow Logs where 1.0 means all collected logs are reported. Setting the sampling rate to 0.0 is not allowed. If you want to disable VPC Flow Logs, use the state field instead. Default value is 1.0. |
interconnectAttachment | string | Traffic will be logged from the Interconnect Attachment. Format: projects/{project_id}/regions/{region}/interconnectAttachments/{name} |
labels | object | Optional. Resource labels to represent user-provided metadata. |
metadata | string | Optional. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default value is INCLUDE_ALL_METADATA. |
metadataFields | array | Optional. Custom metadata fields to include in the reported VPC flow logs. Can only be specified if "metadata" was set to CUSTOM_METADATA. |
network | string | Traffic will be logged from VMs, VPN tunnels and Interconnect Attachments within the network. Format: projects/{project_id}/global/networks/{name} |
state | string | Optional. The state of the VPC Flow Log configuration. Default value is ENABLED. When creating a new configuration, it must be enabled. Setting state=DISABLED will pause the log generation for this config. |
subnet | string | Traffic will be logged from VMs within the subnetwork. Format: projects/{project_id}/regions/{region}/subnetworks/{name} |
targetResourceState | string | Output only. Describes the state of the configured target resource for diagnostic purposes. |
updateTime | string (google-datetime) | Output only. The time the config was updated. |
vpnTunnel | string | Traffic will be logged from the VPN Tunnel. Format: projects/{project_id}/regions/{region}/vpnTunnels/{name} |
| Name | Datatype | Description |
|---|---|---|
nextPageToken | string | Page token to fetch the next set of configurations. |
unreachable | array | Locations that could not be reached (when querying all locations with -). |
vpcFlowLogsConfigs | array | List of VPC Flow Log configurations. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | organizationsId, locationsId, vpcFlowLogsConfigsId | Gets the details of a specific VpcFlowLogsConfig. | |
list | select | organizationsId, locationsId | orderBy, filter, pageToken, pageSize | Lists all VpcFlowLogsConfigs in a given organization. |
query_org_vpc_flow_logs_configs | select | projectsId, locationsId | filter, pageToken, pageSize | QueryOrgVpcFlowLogsConfigs returns a list of all organization-level VPC Flow Logs configurations applicable to the specified project. |
create | insert | organizationsId, locationsId | vpcFlowLogsConfigId | Creates a new VpcFlowLogsConfig. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Creating a configuration with state=DISABLED will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - creating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description |
patch | update | organizationsId, locationsId, vpcFlowLogsConfigsId | updateMask | Updates an existing VpcFlowLogsConfig. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Updating a configuration with state=DISABLED will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - updating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description |
delete | delete | organizationsId, locationsId, vpcFlowLogsConfigsId | Deletes a specific VpcFlowLogsConfig. | |
show_effective_flow_logs_configs | exec | projectsId, locationsId | pageToken, resource, pageSize, filter | ShowEffectiveFlowLogsConfigs returns a list of all VPC Flow Logs configurations applicable to a specified resource. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
locationsId | string | |
organizationsId | string | |
projectsId | string | |
vpcFlowLogsConfigsId | string | |
filter | string | |
orderBy | string | |
pageSize | integer (int32) | |
pageToken | string | |
resource | string | |
updateMask | string (google-fieldmask) | |
vpcFlowLogsConfigId | string |
SELECT examples
- get
- list
- query_org_vpc_flow_logs_configs
Gets the details of a specific VpcFlowLogsConfig.
SELECT
name,
aggregationInterval,
createTime,
crossProjectMetadata,
description,
filterExpr,
flowSampling,
interconnectAttachment,
labels,
metadata,
metadataFields,
network,
state,
subnet,
targetResourceState,
updateTime,
vpnTunnel
FROM google.networkmanagement.vpc_flow_logs_configs
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND vpcFlowLogsConfigsId = '{{ vpcFlowLogsConfigsId }}' -- required
;
Lists all VpcFlowLogsConfigs in a given organization.
SELECT
name,
aggregationInterval,
createTime,
crossProjectMetadata,
description,
filterExpr,
flowSampling,
interconnectAttachment,
labels,
metadata,
metadataFields,
network,
state,
subnet,
targetResourceState,
updateTime,
vpnTunnel
FROM google.networkmanagement.vpc_flow_logs_configs
WHERE organizationsId = '{{ organizationsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND orderBy = '{{ orderBy }}'
AND filter = '{{ filter }}'
AND pageToken = '{{ pageToken }}'
AND pageSize = '{{ pageSize }}'
;
QueryOrgVpcFlowLogsConfigs returns a list of all organization-level VPC Flow Logs configurations applicable to the specified project.
SELECT
nextPageToken,
unreachable,
vpcFlowLogsConfigs
FROM google.networkmanagement.vpc_flow_logs_configs
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND filter = '{{ filter }}'
AND pageToken = '{{ pageToken }}'
AND pageSize = '{{ pageSize }}'
;
INSERT examples
- create
- Manifest
Creates a new VpcFlowLogsConfig. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Creating a configuration with state=DISABLED will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - creating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description
INSERT INTO google.networkmanagement.vpc_flow_logs_configs (
data__labels,
data__state,
data__metadataFields,
data__crossProjectMetadata,
data__network,
data__metadata,
data__aggregationInterval,
data__description,
data__filterExpr,
data__flowSampling,
data__interconnectAttachment,
data__vpnTunnel,
data__subnet,
data__name,
organizationsId,
locationsId,
vpcFlowLogsConfigId
)
SELECT
'{{ labels }}',
'{{ state }}',
'{{ metadataFields }}',
'{{ crossProjectMetadata }}',
'{{ network }}',
'{{ metadata }}',
'{{ aggregationInterval }}',
'{{ description }}',
'{{ filterExpr }}',
{{ flowSampling }},
'{{ interconnectAttachment }}',
'{{ vpnTunnel }}',
'{{ subnet }}',
'{{ name }}',
'{{ organizationsId }}',
'{{ locationsId }}',
'{{ vpcFlowLogsConfigId }}'
RETURNING
name,
done,
error,
metadata,
response
;
# Description fields are for documentation purposes
- name: vpc_flow_logs_configs
props:
- name: organizationsId
value: string
description: Required parameter for the vpc_flow_logs_configs resource.
- name: locationsId
value: string
description: Required parameter for the vpc_flow_logs_configs resource.
- name: labels
value: object
description: >
Optional. Resource labels to represent user-provided metadata.
- name: state
value: string
description: >
Optional. The state of the VPC Flow Log configuration. Default value is ENABLED. When creating a new configuration, it must be enabled. Setting state=DISABLED will pause the log generation for this config.
valid_values: ['STATE_UNSPECIFIED', 'ENABLED', 'DISABLED']
- name: metadataFields
value: array
description: >
Optional. Custom metadata fields to include in the reported VPC flow logs. Can only be specified if "metadata" was set to CUSTOM_METADATA.
- name: crossProjectMetadata
value: string
description: >
Optional. Determines whether to include cross project annotations in the logs. This field is available only for organization configurations. If not specified in org configs will be set to CROSS_PROJECT_METADATA_ENABLED.
valid_values: ['CROSS_PROJECT_METADATA_UNSPECIFIED', 'CROSS_PROJECT_METADATA_ENABLED', 'CROSS_PROJECT_METADATA_DISABLED']
- name: network
value: string
description: >
Traffic will be logged from VMs, VPN tunnels and Interconnect Attachments within the network. Format: projects/{project_id}/global/networks/{name}
- name: metadata
value: string
description: >
Optional. Configures whether all, none or a subset of metadata fields should be added to the reported VPC flow logs. Default value is INCLUDE_ALL_METADATA.
valid_values: ['METADATA_UNSPECIFIED', 'INCLUDE_ALL_METADATA', 'EXCLUDE_ALL_METADATA', 'CUSTOM_METADATA']
- name: aggregationInterval
value: string
description: >
Optional. The aggregation interval for the logs. Default value is INTERVAL_5_SEC.
valid_values: ['AGGREGATION_INTERVAL_UNSPECIFIED', 'INTERVAL_5_SEC', 'INTERVAL_30_SEC', 'INTERVAL_1_MIN', 'INTERVAL_5_MIN', 'INTERVAL_10_MIN', 'INTERVAL_15_MIN']
- name: description
value: string
description: >
Optional. The user-supplied description of the VPC Flow Logs configuration. Maximum of 512 characters.
- name: filterExpr
value: string
description: >
Optional. Export filter used to define which VPC Flow Logs should be logged.
- name: flowSampling
value: number
description: >
Optional. The value of the field must be in (0, 1]. The sampling rate of VPC Flow Logs where 1.0 means all collected logs are reported. Setting the sampling rate to 0.0 is not allowed. If you want to disable VPC Flow Logs, use the state field instead. Default value is 1.0.
- name: interconnectAttachment
value: string
description: >
Traffic will be logged from the Interconnect Attachment. Format: projects/{project_id}/regions/{region}/interconnectAttachments/{name}
- name: vpnTunnel
value: string
description: >
Traffic will be logged from the VPN Tunnel. Format: projects/{project_id}/regions/{region}/vpnTunnels/{name}
- name: subnet
value: string
description: >
Traffic will be logged from VMs within the subnetwork. Format: projects/{project_id}/regions/{region}/subnetworks/{name}
- name: name
value: string
description: >
Identifier. Unique name of the configuration. The name can have one of the following forms: - For project-level configurations: `projects/{project_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}` - For organization-level configurations: `organizations/{organization_id}/locations/global/vpcFlowLogsConfigs/{vpc_flow_logs_config_id}`
- name: vpcFlowLogsConfigId
value: string
UPDATE examples
- patch
Updates an existing VpcFlowLogsConfig. If a configuration with the exact same settings already exists (even if the ID is different), the creation fails. Notes: 1. Updating a configuration with state=DISABLED will fail 2. The following fields are not considered as settings for the purpose of the check mentioned above, therefore - updating another configuration with the same fields but different values for the following fields will fail as well: * name * create_time * update_time * labels * description
UPDATE google.networkmanagement.vpc_flow_logs_configs
SET
data__labels = '{{ labels }}',
data__state = '{{ state }}',
data__metadataFields = '{{ metadataFields }}',
data__crossProjectMetadata = '{{ crossProjectMetadata }}',
data__network = '{{ network }}',
data__metadata = '{{ metadata }}',
data__aggregationInterval = '{{ aggregationInterval }}',
data__description = '{{ description }}',
data__filterExpr = '{{ filterExpr }}',
data__flowSampling = {{ flowSampling }},
data__interconnectAttachment = '{{ interconnectAttachment }}',
data__vpnTunnel = '{{ vpnTunnel }}',
data__subnet = '{{ subnet }}',
data__name = '{{ name }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND vpcFlowLogsConfigsId = '{{ vpcFlowLogsConfigsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;
DELETE examples
- delete
Deletes a specific VpcFlowLogsConfig.
DELETE FROM google.networkmanagement.vpc_flow_logs_configs
WHERE organizationsId = '{{ organizationsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND vpcFlowLogsConfigsId = '{{ vpcFlowLogsConfigsId }}' --required
;
Lifecycle Methods
- show_effective_flow_logs_configs
ShowEffectiveFlowLogsConfigs returns a list of all VPC Flow Logs configurations applicable to a specified resource.
EXEC google.networkmanagement.vpc_flow_logs_configs.show_effective_flow_logs_configs
@projectsId='{{ projectsId }}' --required,
@locationsId='{{ locationsId }}' --required,
@pageToken='{{ pageToken }}',
@resource='{{ resource }}',
@pageSize='{{ pageSize }}',
@filter='{{ filter }}'
;