--- # generated by https://github.com/hashicorp/terraform-plugin-docs page_title: "opensearch_audit_config Resource - terraform-provider-opensearch" subcategory: "" description: |- --- # opensearch_audit_config (Resource) ## Example Usage ```terraform resource "opensearch_audit_config" "test" { enabled = true audit { enable_rest = true disabled_rest_categories = ["GRANTED_PRIVILEGES", "AUTHENTICATED"] enable_transport = true disabled_transport_categories = ["GRANTED_PRIVILEGES", "AUTHENTICATED"] resolve_bulk_requests = true log_request_body = true resolve_indices = true # Note: if set false, AWS OpenSearch will return HTTP 409 (Conflict) exclude_sensitive_headers = true ignore_users = ["dashboardserver"] ignore_requests = ["SearchRequest", "indices:data/read/*", "/_cluster/health"] } compliance { enabled = true # Note: if both internal/external are set true, AWS OpenSearch will return HTTP 409 (Conflict) internal_config = true external_config = false read_metadata_only = true read_ignore_users = ["read-ignore-1"] read_watched_field { index = "read-index-1" fields = ["field-1", "field-2"] } read_watched_field { index = "read-index-2" fields = ["field-3"] } write_metadata_only = true write_log_diffs = false write_watched_indices = ["write-index-1", "write-index-2", "log-*", "*"] write_ignore_users = ["write-ignore-1"] } } ``` <!-- schema generated by tfplugindocs --> ## Schema ### Required - `enabled` (Boolean) ### Optional - `audit` (Block Set, Max: 1) (see [below for nested schema](#nestedblock--audit)) - `compliance` (Block Set, Max: 1) (see [below for nested schema](#nestedblock--compliance)) ### Read-Only - `id` (String) The ID of this resource. <a id="nestedblock--audit"></a> ### Nested Schema for `audit` Optional: - `disabled_rest_categories` (Set of String) - `disabled_transport_categories` (Set of String) - `enable_rest` (Boolean) - `enable_transport` (Boolean) - `exclude_sensitive_headers` (Boolean) - `ignore_requests` (Set of String) - `ignore_users` (Set of String) - `log_request_body` (Boolean) - `resolve_bulk_requests` (Boolean) - `resolve_indices` (Boolean) <a id="nestedblock--compliance"></a> ### Nested Schema for `compliance` Optional: - `enabled` (Boolean) - `external_config` (Boolean) - `internal_config` (Boolean) - `read_ignore_users` (Set of String) - `read_metadata_only` (Boolean) - `read_watched_field` (Block Set) (see [below for nested schema](#nestedblock--compliance--read_watched_field)) - `write_ignore_users` (Set of String) - `write_log_diffs` (Boolean) - `write_metadata_only` (Boolean) - `write_watched_indices` (Set of String) <a id="nestedblock--compliance--read_watched_field"></a> ### Nested Schema for `compliance.read_watched_field` Required: - `fields` (Set of String) - `index` (String) ## Import Import is supported using the following syntax: ```shell # Import by name terraform import opensearch_audit_config.test_config my-config ```