From 30af061fa15db4957d78d0294e02c154b5b1d20a Mon Sep 17 00:00:00 2001
From: James Green
Date: Thu, 1 Feb 2024 17:07:51 +0000
Subject: [PATCH] added cloudwatch subscription
---
 data.tf | 2 +-
 main.tf | 1 +
 .../log_group_subscription.tf | 53 +++++++++++++++++++
 modules/kinesis_firehose_xsiam/main.tf | 2 -
 modules/kinesis_firehose_xsiam/variable.tf | 3 ++
 5 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100644 modules/kinesis_firehose_xsiam/log_group_subscription.tf
diff --git a/data.tf b/data.tf
index 85acceb..f28037b 100644
--- a/data.tf
+++ b/data.tf
@@ -1,5 +1,5 @@
 locals {
- xaiam_secrets_version_development = "2f39a1d3-b363-4d24-8749-f0ae737c2824"
+ xaiam_secrets_version_development = "74b8d013-7096-415b-a8f4-20adc4624667"
 xaiam_secrets_version_pre_production = ""
 xaiam_secrets_version_production = ""
 }
diff --git a/main.tf b/main.tf
index 914d1f5..f389dee 100644
--- a/main.tf
+++ b/main.tf
@@ -317,6 +317,7 @@ module "kinesis_firehose_xsiam" {
 access_key = jsondecode(data.aws_secretsmanager_secret_version.xaiam_secrets_version.secret_string)["access_key"]
 prefix = "${module.label.id}-xsiam"
 tags = module.label.tags
+ cloudwatch_log_group_for_subscription = module.radius.cloudwatch.server_log_group_name
 providers = {
 aws = aws.env
diff --git a/modules/kinesis_firehose_xsiam/log_group_subscription.tf b/modules/kinesis_firehose_xsiam/log_group_subscription.tf
new file mode 100644
index 0000000..6636332
--- /dev/null
+++ b/modules/kinesis_firehose_xsiam/log_group_subscription.tf
@@ -0,0 +1,53 @@
+resource "aws_cloudwatch_log_subscription_filter" "test_lambdafunction_logfilter" {
+ name = "xsiam-delivery-stream-${var.prefix}"
+ role_arn = aws_iam_role.this.arn
+ log_group_name = var.cloudwatch_log_group_for_subscription
+ filter_pattern = ""
+ destination_arn = aws_kinesis_firehose_delivery_stream.xsiam_delivery_stream.arn
+}
+
+resource "aws_iam_role" "this" {
+ name_prefix = var.prefix
+ assume_role_policy = <
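Review bot: In main.tf, the added `cloudwatch_log_group_for_subscription = module.radius.cloudwatch.server_log_group_name` sends the RADIUS server log group to the XSIAM module without stating what leaves the account, and the new subscription filter in log_group_subscription.tf uses `filter_pattern = ""`, which matches every event. RADIUS server logs plausibly carry user identities and client addresses (not visible here, so worth confirming), so either document that the full stream is forwarded by design, e.g. `# Forwards all RADIUS server log events to XSIAM; filter_pattern in the module is empty`, or expose the pattern as a module variable so it can be narrowed. The module is instantiated with `aws = aws.env`, and the subscription only works if module.radius creates the log group in the same account and region, which this hunk does not show. The module block starts and ends outside the hunk.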