---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "opensearch_audit_config Resource - terraform-provider-opensearch"
subcategory: ""
description: |-
  
---

# opensearch_audit_config (Resource)



## Example Usage

```terraform
resource "opensearch_audit_config" "test" {
  enabled = true

  audit {
    enable_rest              = true
    disabled_rest_categories = ["GRANTED_PRIVILEGES", "AUTHENTICATED"]

    enable_transport              = true
    disabled_transport_categories = ["GRANTED_PRIVILEGES", "AUTHENTICATED"]

    resolve_bulk_requests = true
    log_request_body      = true
    resolve_indices       = true

    # Note: if set false, AWS OpenSearch will return HTTP 409 (Conflict)
    exclude_sensitive_headers = true

    ignore_users    = ["dashboardserver"]
    ignore_requests = ["SearchRequest", "indices:data/read/*", "/_cluster/health"]
  }

  compliance {
    enabled = true

    # Note: if both internal/external are set true, AWS OpenSearch will return HTTP 409 (Conflict)
    internal_config = true
    external_config = false

    read_metadata_only = true
    read_ignore_users  = ["read-ignore-1"]

    read_watched_field {
      index  = "read-index-1"
      fields = ["field-1", "field-2"]
    }

    read_watched_field {
      index  = "read-index-2"
      fields = ["field-3"]
    }

    write_metadata_only   = true
    write_log_diffs       = false
    write_watched_indices = ["write-index-1", "write-index-2", "log-*", "*"]
    write_ignore_users    = ["write-ignore-1"]
  }
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `enabled` (Boolean)

### Optional

- `audit` (Block Set, Max: 1) (see [below for nested schema](#nestedblock--audit))
- `compliance` (Block Set, Max: 1) (see [below for nested schema](#nestedblock--compliance))

### Read-Only

- `id` (String) The ID of this resource.

<a id="nestedblock--audit"></a>
### Nested Schema for `audit`

Optional:

- `disabled_rest_categories` (Set of String)
- `disabled_transport_categories` (Set of String)
- `enable_rest` (Boolean)
- `enable_transport` (Boolean)
- `exclude_sensitive_headers` (Boolean)
- `ignore_requests` (Set of String)
- `ignore_users` (Set of String)
- `log_request_body` (Boolean)
- `resolve_bulk_requests` (Boolean)
- `resolve_indices` (Boolean)


<a id="nestedblock--compliance"></a>
### Nested Schema for `compliance`

Optional:

- `enabled` (Boolean)
- `external_config` (Boolean)
- `internal_config` (Boolean)
- `read_ignore_users` (Set of String)
- `read_metadata_only` (Boolean)
- `read_watched_field` (Block Set) (see [below for nested schema](#nestedblock--compliance--read_watched_field))
- `write_ignore_users` (Set of String)
- `write_log_diffs` (Boolean)
- `write_metadata_only` (Boolean)
- `write_watched_indices` (Set of String)

<a id="nestedblock--compliance--read_watched_field"></a>
### Nested Schema for `compliance.read_watched_field`

Required:

- `fields` (Set of String)
- `index` (String)

## Import

Import is supported using the following syntax:

```shell
# Import by name
terraform import opensearch_audit_config.test_config my-config
```