Merge pull request #245 from SumoLogic/remove_rce_traces

Removed rce, xray and inventory references

Author: akhil-sumologic

aws-observability-terraform/examples/sourcemodule/overrideSources/README.md

@@ -71,7 +71,6 @@
 | <a name="input_collect_elb"></a> [collect\_elb](#input\_collect\_elb) | Create a Sumo Logic ALB Logs Source.<br/>            You have the following options:<br/>			true - to ingest load balancer logs into Sumo Logic. Creates a Sumo Logic Log Source that collects application load balancer logs from an existing bucket or a new bucket.<br/>			If true, please configure \"elb\_source\_details\" with configuration information including the bucket name and path expression to ingest load balancer logs.<br/>			false - you are already ingesting load balancer logs into Sumo Logic. | `bool` | `true` | no |
 | <a name="input_collect_logs_cloudwatch"></a> [collect\_logs\_cloudwatch](#input\_collect\_logs\_cloudwatch) | Select the kind of Sumo Logic CloudWatch Logs Sources to create<br/>            You have the following options:<br/>            "Lambda Log Forwarder" - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function.<br/>            "Kinesis Firehose Log Source" - Creates a Sumo Logic Kinesis Firehose Log Source to collect CloudWatch logs.<br/>            "None" - Skips installation of both sources. | `string` | `"Kinesis Firehose Log Source"` | no |
 | <a name="input_collect_metric_cloudwatch"></a> [collect\_metric\_cloudwatch](#input\_collect\_metric\_cloudwatch) | Select the kind of CloudWatch Metrics Source to create<br/>            You have the following options:<br/>            "CloudWatch Metrics Source" - Creates Sumo Logic AWS CloudWatch Metrics Sources.<br/>            "Kinesis Firehose Metrics Source" (Recommended) - Creates a Sumo Logic AWS Kinesis Firehose for Metrics Source. Note: This new source has cost and performance benefits over the CloudWatch Metrics Source and is therefore recommended.<br/>            "None" - Skips the Installation of both the Sumo Logic Metric Sources | `string` | `"Kinesis Firehose Metrics Source"` | no |
-| <a name="input_collect_rce"></a> [collect\_rce](#input\_collect\_rce) | Select the Sumo Logic Root Cause Explorer Source.<br/>            You have the following options:<br/>            Inventory Source - Creates a Sumo Logic Inventory Source used by Root Cause Explorer.<br/>            Xray Source - Creates a Sumo Logic AWS X-Ray Source that collects X-Ray Trace Metrics from your AWS account.<br/>            Both - Install both Inventory and Xray sources.<br/>            None - Skips installation of both sources. | `string` | `"Both"` | no |
 | <a name="input_collector_id"></a> [collector\_id](#input\_collector\_id) | Required if you already have collector. | `string` | `""` | no |
 | <a name="input_create_collector"></a> [create\_collector](#input\_create\_collector) | Create a Sumo Logic Collector.<br/>            You have the following options:<br/>			true - If you want to create collector.<br/>			false - If you already have a collector. | `bool` | `true` | no |
 | <a name="input_create_s3_bucket"></a> [create\_s3\_bucket](#input\_create\_s3\_bucket) | Create a AWS S3 bucket.<br/>            You have the following options:<br/>			true - If you want to create S3 bucket.<br/>			false - If you already have a S3 bucket. | `bool` | `true` | no |
@@ -134,7 +133,5 @@
 | <a name="output_sumologic_field_networkloadbalancer"></a> [sumologic\_field\_networkloadbalancer](#output\_sumologic\_field\_networkloadbalancer) | This output contains sumologic networkloadbalancer field id. |
 | <a name="output_sumologic_field_region"></a> [sumologic\_field\_region](#output\_sumologic\_field\_region) | This output contains sumologic Region field id. |
 | <a name="output_sumologic_field_tablename"></a> [sumologic\_field\_tablename](#output\_sumologic\_field\_tablename) | This output contains sumologic tablename field id. |
-| <a name="output_sumologic_inventory_source"></a> [sumologic\_inventory\_source](#output\_sumologic\_inventory\_source) | This output contains sumologic aws inventory source id. |
 | <a name="output_sumologic_kinesis_firehose_for_logs_source"></a> [sumologic\_kinesis\_firehose\_for\_logs\_source](#output\_sumologic\_kinesis\_firehose\_for\_logs\_source) | This output contains sumologic kinesis firehose for logs source id. |
 | <a name="output_sumologic_kinesis_firehose_for_metrics_source"></a> [sumologic\_kinesis\_firehose\_for\_metrics\_source](#output\_sumologic\_kinesis\_firehose\_for\_metrics\_source) | This output contains sumologic kinesis firehose for metrics source id. |
-| <a name="output_sumologic_xray_source"></a> [sumologic\_xray\_source](#output\_sumologic\_xray\_source) | This output contains sumologic aws xray source id. |

aws-observability-terraform/examples/sourcemodule/overrideSources/main.auto.tfvars

@@ -20,7 +20,6 @@ sumo_api_endpoint         = ""  #"<YOUR SUMOLOGIC API ENDPOINT>"
 # collect_elb = "true"
 # collect_classic_lb = "true"
 # collect_cloudtrail = "true"
-# collect_rce = "Xray Source"
 # collect_logs_cloudwatch = "Kinesis Firehose Log Source"
 # collect_metric_cloudwatch = "CloudWatch Metrics Source"
 # create_s3_bucket = false

aws-observability-terraform/examples/sourcemodule/overrideSources/variables.tf

@@ -210,27 +210,6 @@ variable "collect_metric_cloudwatch" {
   default = "Kinesis Firehose Metrics Source"
 }
 
-variable "collect_rce" {
-  type        = string
-  description = <<EOT
-            Select the Sumo Logic Root Cause Explorer Source.
-            You have the following options:
-            Inventory Source - Creates a Sumo Logic Inventory Source used by Root Cause Explorer.
-            Xray Source - Creates a Sumo Logic AWS X-Ray Source that collects X-Ray Trace Metrics from your AWS account.
-            Both - Install both Inventory and Xray sources.
-            None - Skips installation of both sources.
-        EOT
-  validation {
-    condition = contains([
-      "Inventory Source",
-      "Xray Source",
-      "Both",
-    "None", ], var.collect_rce)
-    error_message = "The value must be one of \"Inventory Source\", \"Xray Source\", \"Both\" and None."
-  }
-  default = "Both"
-}
-
 variable "elb_details" {
   type = object({
     source_name     = string

aws-observability-terraform/examples/sourcemodule/testSource/README.md

@@ -69,7 +69,6 @@
 | <a name="input_collect_elb"></a> [collect\_elb](#input\_collect\_elb) | Create a Sumo Logic ALB Logs Source.<br/>            You have the following options:<br/>			true - to ingest load balancer logs into Sumo Logic. Creates a Sumo Logic Log Source that collects application load balancer logs from an existing bucket or a new bucket.<br/>			If true, please configure \"elb\_source\_details\" with configuration information including the bucket name and path expression to ingest load balancer logs.<br/>			false - you are already ingesting load balancer logs into Sumo Logic. | `bool` | `true` | no |
 | <a name="input_collect_logs_cloudwatch"></a> [collect\_logs\_cloudwatch](#input\_collect\_logs\_cloudwatch) | Select the kind of Sumo Logic CloudWatch Logs Sources to create<br/>            You have the following options:<br/>            "Lambda Log Forwarder" - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function.<br/>            "Kinesis Firehose Log Source" - Creates a Sumo Logic Kinesis Firehose Log Source to collect CloudWatch logs.<br/>            "None" - Skips installation of both sources. | `string` | `"Kinesis Firehose Log Source"` | no |
 | <a name="input_collect_metric_cloudwatch"></a> [collect\_metric\_cloudwatch](#input\_collect\_metric\_cloudwatch) | Select the kind of CloudWatch Metrics Source to create<br/>            You have the following options:<br/>            "CloudWatch Metrics Source" - Creates Sumo Logic AWS CloudWatch Metrics Sources.<br/>            "Kinesis Firehose Metrics Source" (Recommended) - Creates a Sumo Logic AWS Kinesis Firehose for Metrics Source. Note: This new source has cost and performance benefits over the CloudWatch Metrics Source and is therefore recommended.<br/>            "None" - Skips the Installation of both the Sumo Logic Metric Sources | `string` | `"Kinesis Firehose Metrics Source"` | no |
-| <a name="input_collect_rce"></a> [collect\_rce](#input\_collect\_rce) | Select the Sumo Logic Root Cause Explorer Source.<br/>            You have the following options:<br/>            Inventory Source - Creates a Sumo Logic Inventory Source used by Root Cause Explorer.<br/>            Xray Source - Creates a Sumo Logic AWS X-Ray Source that collects X-Ray Trace Metrics from your AWS account.<br/>            Both - Install both Inventory and Xray sources.<br/>            None - Skips installation of both sources. | `string` | `"Both"` | no |
 | <a name="input_collector_id"></a> [collector\_id](#input\_collector\_id) | Required if you already have collector. | `string` | `""` | no |
 | <a name="input_create_collector"></a> [create\_collector](#input\_create\_collector) | Create a Sumo Logic Collector.<br/>            You have the following options:<br/>			true - If you want to create collector.<br/>			false - If you already have a collector. | `bool` | `true` | no |
 | <a name="input_create_s3_bucket"></a> [create\_s3\_bucket](#input\_create\_s3\_bucket) | Create a AWS S3 bucket.<br/>            You have the following options:<br/>			true - If you want to create S3 bucket.<br/>			false - If you already have a S3 bucket. | `bool` | `true` | no |
@@ -133,7 +132,5 @@
 | <a name="output_sumologic_field_networkloadbalancer"></a> [sumologic\_field\_networkloadbalancer](#output\_sumologic\_field\_networkloadbalancer) | This output contains sumologic networkloadbalancer field id. |
 | <a name="output_sumologic_field_region"></a> [sumologic\_field\_region](#output\_sumologic\_field\_region) | This output contains sumologic Region field id. |
 | <a name="output_sumologic_field_tablename"></a> [sumologic\_field\_tablename](#output\_sumologic\_field\_tablename) | This output contains sumologic tablename field id. |
-| <a name="output_sumologic_inventory_source"></a> [sumologic\_inventory\_source](#output\_sumologic\_inventory\_source) | This output contains sumologic aws inventory source id. |
 | <a name="output_sumologic_kinesis_firehose_for_logs_source"></a> [sumologic\_kinesis\_firehose\_for\_logs\_source](#output\_sumologic\_kinesis\_firehose\_for\_logs\_source) | This output contains sumologic kinesis firehose for logs source id. |
 | <a name="output_sumologic_kinesis_firehose_for_metrics_source"></a> [sumologic\_kinesis\_firehose\_for\_metrics\_source](#output\_sumologic\_kinesis\_firehose\_for\_metrics\_source) | This output contains sumologic kinesis firehose for metrics source id. |
-| <a name="output_sumologic_xray_source"></a> [sumologic\_xray\_source](#output\_sumologic\_xray\_source) | This output contains sumologic aws xray source id. |

aws-observability-terraform/examples/sourcemodule/testSource/variables.tf

@@ -237,27 +237,6 @@ variable "collect_metric_cloudwatch" {
   default = "Kinesis Firehose Metrics Source"
 }
 
-variable "collect_rce" {
-  type        = string
-  description = <<EOT
-            Select the Sumo Logic Root Cause Explorer Source.
-            You have the following options:
-            Inventory Source - Creates a Sumo Logic Inventory Source used by Root Cause Explorer.
-            Xray Source - Creates a Sumo Logic AWS X-Ray Source that collects X-Ray Trace Metrics from your AWS account.
-            Both - Install both Inventory and Xray sources.
-            None - Skips installation of both sources.
-        EOT
-  validation {
-    condition = contains([
-      "Inventory Source",
-      "Xray Source",
-      "Both",
-    "None", ], var.collect_rce)
-    error_message = "The value must be one of \"Inventory Source\", \"Xray Source\", \"Both\" and None."
-  }
-  default = "Both"
-}
-
 variable "elb_details" {
   type = object({
     source_name     = string

aws-observability-terraform/source-module/main.tf

@@ -1,6 +1,6 @@
 # AWS Observability Sources
 # 1. Create Common Collector
-# 2. Create Common IAM role with permissions for alb and cloudtrail S3 Bucket, cloudwatch metrics, inventory and xray source. -> main_iam_role.tf
+# 2. Create Common IAM role with permissions for alb and cloudtrail S3 Bucket, cloudwatch metrics -> main_iam_role.tf
 # 3. S3 Bucket and SNS Topic and policy -> main_s3_bucket.tf
 
 resource "random_string" "aws_random" {

aws-observability-terraform/test/sourcemodule/source_test.go

@@ -175,7 +175,7 @@ func TestSourceModule2(t *testing.T) {
 	})
 }
 
-// Testing scenerio 3 - Collect CW Logs via Lambda Log forwarder, CW Metrics via CW metric source & Inventory source
+// Testing scenerio 3 - Collect CW Logs via Lambda Log forwarder, CW Metrics via CW metric source
 func TestSourceModule3(t *testing.T) {
 	// t.Parallel()
 
@@ -367,7 +367,6 @@ func TestSourceModule5(t *testing.T) {
 		"collect_elb":                   "false",
 		"collect_classic_lb":            "false",
 		"collect_cloudtrail":            "false",
-		"collect_rce":                   "None",
 		"collect_logs_cloudwatch":       "Lambda Log Forwarder",
 		"auto_enable_logs_tags_filters": "Environment=Production,Application=MyApp,creator=appsTeam",
 		"collect_metric_cloudwatch":     "CloudWatch Metrics Source",
@@ -463,7 +462,6 @@ func TestSourceModule6(t *testing.T) {
 		"collect_elb":                   "false",
 		"collect_classic_lb":            "false",
 		"collect_cloudtrail":            "false",
-		"collect_rce":                   "None",
 		"auto_enable_logs_tags_filters": "Environment=Production,Application=MyApp,creator=appsTeam",
 	}
 	// Define the variable values

aws-observability/apps/common/resources.template.yaml

@@ -1606,7 +1606,7 @@ Outputs:
     Description: "Check If Account is Paid or Not"
     Value: !GetAtt AccountCheck.is_paid
   Namespaces:
-    Description: "Comma Delimited String of CloudWatch Metrics Namespaces for Inventory Source."
+    Description: "Comma Delimited String of CloudWatch Metrics Namespaces."
     Value: !GetAtt Primerinvoke.namespaces
   KinesisLogsDeliveryStreamARN:
     Description: "The ARN for your Kinesis Firehose Delivery Stream, use this as the destination when adding CloudWatch Logs subscription filters."

aws-observability/apps/gis/gis.template.yaml

@@ -1,6 +1,6 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Transform: 'AWS::Serverless-2016-10-31'
-Description: "Version - v2.12.0: Template to setup the Sumo Logic AWS Inventory Source and Root Cause Explorer app."
+Description: "Version - v2.12.0: Template to setup the Sumo Logic Global Intelligence for CloudTrail DevOps app."
 
 Metadata:
   'AWS::CloudFormation::Interface':

aws-observability/apps/permissionchecker/permissioncheck.nested.template.test.yaml

@@ -211,7 +211,7 @@ Resources:
 
   ################# Create Lambda Role and Lambda Function to create Sumo Logic Custom Resources #################
   ################# Checks for IAM and Lambda Permissions #################
-  ################# Checks for IAM ROLE - Sumo Source, Inventory Source also #################
+  ################# Checks for IAM ROLE - Sumo Source #################
   LambdaRole:
     Type: AWS::IAM::Role
     Metadata:
@@ -281,79 +281,6 @@ Resources:
                 Resource:
                   "*"
 
-  RootCauseRole:
-    Type: AWS::IAM::Role
-    Metadata:
-      cfn_nag:
-        rules_to_suppress:
-          - id: W11
-            reason: "Operations are performed across resources."
-    Properties:
-      AssumeRolePolicyDocument:
-        Version: '2012-10-17'
-        Statement:
-          - Effect: Allow
-            Principal:
-              AWS: arn:aws:iam::246946804217:root
-            Action: sts:AssumeRole
-            Condition:
-              StringEquals:
-                sts:ExternalId: !Sub "${Section1aSumoLogicDeployment}:${Section1dSumoLogicOrganizationId}"
-      Path: "/"
-      Policies:
-        - PolicyName: SumoInventoryPolicy
-          PolicyDocument:
-            Version: '2012-10-17'
-            Statement:
-              - Action:
-                  - apigateway:GET
-                  - autoscaling:Describe*
-                  - cloudfront:GetDistributionConfig
-                  - cloudfront:ListDistributions
-                  - cloudtrail:DescribeTrails
-                  - cloudtrail:GetTrailStatus
-                  - cloudwatch:Describe*
-                  - cloudwatch:Get*
-                  - cloudwatch:List*
-                  - codedeploy:List*
-                  - codedeploy:BatchGet*
-                  - dynamodb:Describe*
-                  - dynamodb:List*
-                  - ec2:Describe*
-                  - ecs:Describe*
-                  - ecs:List*
-                  - elasticache:Describe*
-                  - elasticache:List*
-                  - elasticfilesystem:Describe*
-                  - elasticloadbalancing:Describe*
-                  - elasticmapreduce:Describe*
-                  - elasticmapreduce:List*
-                  - es:Describe*
-                  - es:List*
-                  - health:Describe*
-                  - kinesis:Describe*
-                  - kinesis:List*
-                  - lambda:List*
-                  - mq:Describe*
-                  - mq:List*
-                  - rds:Describe*
-                  - rds:List*
-                  - redshift:Describe*
-                  - route53:List*
-                  - sqs:ListQueues
-                  - ses:GetSendStatistics
-                  - ses:GetSendQuota
-                  - sns:List*
-                  - tag:GetResources
-                  - tag:GetTagKeys
-                  - tag:GetTagValues
-                  - xray:BatchGetTraces
-                  - xray:Get*
-                  - pi:DescribeDimensionKeys
-                  - pi:GetResourceMetrics
-                Effect: Allow
-                Resource: "*"
-
   LambdaHelper:
     Type: 'AWS::Serverless::Function'
     Properties: