I am trying to create gcp log based alerting policy using terraform using the code given below :-
resource "google_logging_metric" "my_log_metrics" {
name = "my-log-metric"
filter = filter = "resource.type=\"service_account\" AND protoPayload.methodName=\"google.iam.admin.v1.DeleteServiceAccount\" AND resource.labels.email_id:\"vaultvault-\""
}
resource "google_monitoring_alert_policy" "my_policy" {
display_name = "my-policy"
combiner = "OR"
conditions {
display_name = "my-policy"
condition_threshold {
filter = "metric.type=\"logging.googleapis.com/user/my-log-metric\" AND resource.type=\"service_account\""
}
But getting the following error: Error creating AlertPolicy: googleapi: Error 400: Field alert_policy.conditions[0].condition_threshold.filter had an invalid value of "metric.type="logging.googleapis.com/user/my-metric" AND resource_type="service_account"": must specify a restriction on "resource.type" in the filter; see "https://cloud.google.com/monitoring/api/resources" for a list of available resource types. │