Add outputs for flow logs

Author: miguelaferreira

flow-logs.tf

@@ -9,10 +9,8 @@ locals {
   flow_log_cloudwatch_destination = local.create_flow_log_cloudwatch_log_group ? join("", aws_cloudwatch_log_group.flow_log.*.arn) : var.flow_log_destination_arn
   flow_log_s3_destination         = local.create_flow_log_s3_bucket ? join("", aws_s3_bucket.flow_log.*.arn) : var.flow_log_destination_arn
 
-  flow_log_iam_role_arn = local.create_flow_log_cloudwatch_iam_role ? join("", aws_iam_role.vpc_flow_log_cloudwatch.*.arn) : var.flow_log_cloudwatch_iam_role_arn
-
-  flow_log_destination = var.push_flow_log_to_s3 ? local.flow_log_s3_destination : local.flow_log_cloudwatch_destination
-
+  flow_log_iam_role_arn     = local.create_flow_log_cloudwatch_iam_role ? join("", aws_iam_role.vpc_flow_log_cloudwatch.*.arn) : var.flow_log_cloudwatch_iam_role_arn
+  flow_log_destination      = var.push_flow_log_to_s3 ? local.flow_log_s3_destination : local.flow_log_cloudwatch_destination
   flow_log_destination_type = var.push_flow_log_to_s3 ? "s3" : "cloud-watch-logs"
 }
 

outputs.tf

@@ -618,6 +618,26 @@ output "vpc_endpoint_cloudtrail_dns_entry" {
   value       = flatten(aws_vpc_endpoint.cloudtrail.*.dns_entry)
 }
 
+output "vpc_flow_log_id" {
+  description = "The ID of the Flow Log reosurce"
+  value = join("", aws_flow_log.this.id)
+}
+
+output "vpc_flow_log_destination_arn" {
+  description = "The ARN of the destination for VPC FLow Logs"
+  value = local.flow_log_destination
+}
+
+output "vpc_flow_log_destination_type" {
+  description = "The type of the destination for VPC FLow Logs"
+  value = local.flow_log_destination_type
+}
+
+output "vop_flow_log_cloudwatch_iam_role_arn" {
+  description = "The ARN of the IAM role used when pushing logs to CLoudWatch log group"
+  value = local.flow_log_iam_role_arn
+}
+
 # Static values (arguments)
 output "azs" {
   description = "A list of availability zones specified as argument to this module"