cloud_azure_tenant_eventhub_settings

This resource manages the eventhub settings on an Azure Tenant in Falcon Cloud Security.

API Scopes

The following API scopes are required:

• Cloud security Azure registration: READ
• Cloud security Azure registration: WRITE

Example Usage

terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}

provider "crowdstrike" {
  cloud = "us-2"
}

resource "crowdstrike_cloud_azure_tenant" "tenant" {
  tenant_id                      = "00000000-0000-0000-0000-000000000003"
  microsoft_graph_permission_ids = ["9a5d68dd-52b0-4cc2-bd40-abcf44ac3a30"]
  realtime_visibility = {
    enabled = true
  }
}


resource "crowdstrike_cloud_azure_tenant_eventhub_settings" "eventhub" {
  tenant_id = crowdstrike_cloud_azure_tenant.tenant.tenant_id
  settings = [
    {
      type           = "activity_logs",
      id             = "/subscriptions/12345678-1234-1234-1234-123456789012/resourceGroups/my-resource-group/providers/Microsoft.EventHub/namespaces/my-eventhub-namespace/eventhubs/my-event-hub",
      consumer_group = "idk"
    },
  ]
  depends_on = [crowdstrike_cloud_azure_tenant.tenant]
}

output "eventhub_settings" {
  value = crowdstrike_cloud_azure_tenant_eventhub_settings.eventhub
}

Schema

Required

• tenant_id (String) The Azure Tenant ID to attach the eventhub settings to.

Optional

• settings (Attributes Set) Eventhub settings for an Azure tenant registration. (see below for nested schema)

Nested Schema for settings

Required:

• consumer_group (String) The Azure Event Hub consumer group name used to read events from the Event Hub.
• id (String) The Azure eventhub ID.
• type (String) The type of eventhub.

Import

Import is supported using the following syntax:

# The eventhub settings for a previously registered cloud azure tenant can be imported by tenant id.
terraform import crowdstrike_cloud_azure_tenant_eventhub_settings.eventhub 00000000-0000-0000-0000-000000000000