Merge pull request #26 from SumoLogic/hsharma-sumo-provider

Hsharma sumo provider

Author: himsharma01

aws/elasticloadbalancing/README.md

@@ -13,18 +13,18 @@ This module is used to create AWS and Sumo Logic resource to collect ELB logs fr
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.42.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.16.2, < 6.0.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >=3.1.0 |
-| <a name="requirement_sumologic"></a> [sumologic](#requirement\_sumologic) | >= 2.9.0 |
+| <a name="requirement_sumologic"></a> [sumologic](#requirement\_sumologic) | >= 2.28.3, < 3.0.0 |
 | <a name="requirement_time"></a> [time](#requirement\_time) | >=0.7.1 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.42.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.16.2, < 6.0.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | >=3.1.0 |
-| <a name="provider_sumologic"></a> [sumologic](#provider\_sumologic) | >= 2.9.0 |
+| <a name="provider_sumologic"></a> [sumologic](#provider\_sumologic) | >= 2.28.3, < 3.0.0 |
 | <a name="provider_time"></a> [time](#provider\_time) | >=0.7.1 |
 
 ## Modules
@@ -39,6 +39,7 @@ No modules.
 | [aws_iam_role.source_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
 | [aws_s3_bucket.s3_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
 | [aws_s3_bucket_notification.bucket_notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_notification) | resource |
+| [aws_s3_bucket_policy.dump_access_logs_to_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
 | [aws_serverlessapplicationrepository_cloudformation_stack.auto_enable_access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/serverlessapplicationrepository_cloudformation_stack) | resource |
 | [aws_sns_topic.sns_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
 | [aws_sns_topic_subscription.subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
@@ -55,7 +56,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_app_semantic_version"></a> [app\_semantic\_version](#input\_app\_semantic\_version) | Provide the latest version of Serverless Application Repository 'sumologic-s3-logging-auto-enable'. | `string` | `"1.0.4"` | no |
+| <a name="input_app_semantic_version"></a> [app\_semantic\_version](#input\_app\_semantic\_version) | Provide the latest version of Serverless Application Repository 'sumologic-s3-logging-auto-enable'. | `string` | `"1.0.5"` | no |
 | <a name="input_auto_enable_access_logs"></a> [auto\_enable\_access\_logs](#input\_auto\_enable\_access\_logs) | New - Automatically enables access logging for newly created ELB resources to collect logs for ELB resources. This does not affect ELB resources already collecting logs.<br>				Existing - Automatically enables access logging for existing ELB resources to collect logs for ELB resources.<br>				Both - Automatically enables access logging for new and existing ELB resources.<br>				None - Skips Automatic access Logging enable for ELB resources. | `string` | `"Both"` | no |
 | <a name="input_auto_enable_access_logs_options"></a> [auto\_enable\_access\_logs\_options](#input\_auto\_enable\_access\_logs\_options) | filter - provide a regex to filter the ELB for which access logs should be enabled. Empty means all resources. For eg :- 'Type': 'application'\|'type': 'application', will enable access logs for Application load balancer only.<br>		remove\_on\_delete\_stack - provide true if you would like to disable access logging when you destroy the terraform resources. | <pre>object({<br>    bucket_prefix          = string<br>    auto_enable_logging    = string<br>    filter                 = string<br>    remove_on_delete_stack = bool<br>  })</pre> | <pre>{<br>  "auto_enable_logging": "",<br>  "bucket_prefix": "",<br>  "filter": "",<br>  "remove_on_delete_stack": true<br>}</pre> | no |
 | <a name="input_collector_details"></a> [collector\_details](#input\_collector\_details) | Provide details for the Sumo Logic collector. If not provided, then defaults will be used. | <pre>object({<br>    collector_name = string<br>    description    = string<br>    fields         = map(string)<br>  })</pre> | <pre>{<br>  "collector_name": "SumoLogic Elb Collector <Random ID>",<br>  "description": "This collector is created using Sumo Logic terraform AWS ELB module to collect AWS elb logs.",<br>  "fields": {}<br>}</pre> | no |

aws/elasticloadbalancing/elb.tf

@@ -17,7 +17,10 @@ resource "aws_s3_bucket" "s3_bucket" {
 
   bucket        = local.bucket_name
   force_destroy = var.source_details.bucket_details.force_destroy_bucket
+}
 
+resource "aws_s3_bucket_policy" "dump_access_logs_to_s3" {
+  bucket = aws_s3_bucket.s3_bucket["s3_bucket"].id
   policy = templatefile("${path.module}/templates/elb_bucket_policy.tmpl", {
     BUCKET_NAME     = local.bucket_name
     ELB_ACCCOUNT_ID = local.region_to_elb_account_id[local.aws_region]
@@ -134,6 +137,7 @@ resource "aws_sns_topic_subscription" "subscription" {
 }
 
 # Reason to use the SAM app, is to have single source of truth for Auto Enable access logs functionality.
+# Ignore changes has been implemented to bypass aws resource issue: https://github.com/hashicorp/terraform-provider-aws/issues/16485
 resource "aws_serverlessapplicationrepository_cloudformation_stack" "auto_enable_access_logs" {
   for_each = toset(local.auto_enable_access_logs ? ["auto_enable_access_logs"] : [])
 
@@ -149,4 +153,9 @@ resource "aws_serverlessapplicationrepository_cloudformation_stack" "auto_enable
     FilterExpression          = var.auto_enable_access_logs_options.filter
     RemoveOnDeleteStack       = var.auto_enable_access_logs_options.remove_on_delete_stack
   }
+  lifecycle {
+    ignore_changes = [
+      parameters,tags
+    ]
+  }
 }

aws/elasticloadbalancing/examples/default/README.md

@@ -0,0 +1,36 @@
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.16.2, < 6.0.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.1.0 |
+| <a name="requirement_sumologic"></a> [sumologic](#requirement\_sumologic) | >= 2.28.3, < 3.0.0 |
+| <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.11.1 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_lb_module"></a> [lb\_module](#module\_lb\_module) | SumoLogic/sumo-logic-integrations/sumologic//aws/elasticloadbalancing | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_sumologic_access_id"></a> [sumologic\_access\_id](#input\_sumologic\_access\_id) | Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
+| <a name="input_sumologic_access_key"></a> [sumologic\_access\_key](#input\_sumologic\_access\_key) | Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
+| <a name="input_sumologic_environment"></a> [sumologic\_environment](#input\_sumologic\_environment) | Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
+| <a name="input_sumologic_organization_id"></a> [sumologic\_organization\_id](#input\_sumologic\_organization\_id) | You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."<br>            For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page | `string` | n/a | yes |
+
+## Outputs
+
+No outputs.

aws/elasticloadbalancing/examples/default/data.tf

@@ -0,0 +1,5 @@
+data "aws_region" "current" {}
+
+data "aws_caller_identity" "current" {}
+
+data "sumologic_caller_identity" "current" {}

aws/elasticloadbalancing/examples/default/locals.tf

@@ -0,0 +1,9 @@
+locals {
+  # AWS account details
+  aws_account_id = data.aws_caller_identity.current.account_id
+  aws_region = data.aws_region.current.name
+
+  # S3 bucket inputs
+  bucket_name          = "aws-observability-random-${random_string.aws_random.id}"
+  path_expression      = "AWSLogs/${local.aws_account_id}/clb/${local.aws_region}/*"
+}

aws/elasticloadbalancing/examples/default/main.auto.tfvars

@@ -0,0 +1,6 @@
+####### BELOW ARE REQUIRED PARAMETERS FOR TERRAFORM SCRIPT #######
+# Visit - https://help.sumologic.com/Solutions/AWS_Observability_Solution/03_Set_Up_the_AWS_Observability_Solution#sumo-logic-access-configuration-required
+sumologic_environment     = "<YOUR SUMO DEPLOYMENT>"   # Please replace <YOUR SUMO DEPLOYMENT> (including brackets) with au, ca, de, eu, jp, us2, in, fed or us1.
+sumologic_access_id       = "<YOUR SUMO ACCESS ID>"    # Please replace <YOUR SUMO ACCESS ID> (including brackets) with your Sumo Logic Access ID.
+sumologic_access_key      = "<YOUR SUMO ACCESS KEY>"   # Please replace <YOUR SUMO ACCESS KEY> (including brackets) with your Sumo Logic Access KEY.
+sumologic_organization_id = "<YOUR SUMO ORG ID>"       # Please replace <YOUR SUMO ORG ID> (including brackets) with your Sumo Logic Organization ID.

aws/elasticloadbalancing/examples/default/main.tf

@@ -0,0 +1,47 @@
+resource "random_string" "aws_random" {
+  length  = 10
+  upper   = false
+  special = false
+}
+
+module "lb_module" {
+  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elasticloadbalancing"
+
+  create_collector          = true
+  sumologic_organization_id = var.sumologic_organization_id
+  wait_for_seconds          = 20
+
+  source_details = {
+    source_name     = "Classic Load Balancer Logs (Region)"
+    source_category = "aws/observability/clb/logs"
+    description     = "This source is created using Sumo Logic terraform AWS Observability module to collect AWS Classic Load Balancer logs."
+    collector_id    = null
+    bucket_details = {
+      create_bucket        = true
+      bucket_name          = local.bucket_name
+      path_expression      = local.path_expression
+      force_destroy_bucket = false
+    }
+    paused               = false
+    scan_interval        = 60000
+    sumo_account_id      = 926226587429
+    cutoff_relative_time = "-1d"
+    fields               = {}
+    iam_details = {
+      create_iam_role = true
+      iam_role_arn    = ""
+    }
+    sns_topic_details = {
+      create_sns_topic = true
+      sns_topic_arn    = ""
+    }
+  }
+  auto_enable_access_logs = "Both"
+  app_semantic_version = "1.0.6"
+  auto_enable_access_logs_options = {
+    bucket_prefix          = "classicloadbalancing"
+    auto_enable_logging    = "ELB"
+    filter                 = "'apiVersion': '2012-06-01'"
+    remove_on_delete_stack = true
+  }
+}

aws/elasticloadbalancing/examples/default/provider.tf

@@ -0,0 +1,5 @@
+provider "sumologic" {
+  environment = var.sumologic_environment
+  access_id   = var.sumologic_access_id
+  access_key  = var.sumologic_access_key
+}

aws/elasticloadbalancing/examples/default/variables.tf

@@ -0,0 +1,51 @@
+variable "sumologic_environment" {
+  type        = string
+  description = "Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
+
+  validation {
+    condition = contains([
+      "au",
+      "ca",
+      "de",
+      "eu",
+      "jp",
+      "us1",
+      "us2",
+      "in",
+    "fed"], var.sumologic_environment)
+    error_message = "The value must be one of au, ca, de, eu, jp, us1, us2, in, or fed."
+  }
+}
+
+variable "sumologic_access_id" {
+  type        = string
+  description = "Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key"
+
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_access_id))
+    error_message = "The SumoLogic access ID must contain valid characters."
+  }
+}
+
+variable "sumologic_access_key" {
+  type        = string
+  description = "Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key"
+  sensitive = true
+
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_access_key))
+    error_message = "The SumoLogic access key must contain valid characters."
+  }
+}
+
+variable "sumologic_organization_id" {
+  type        = string
+  description = <<EOT
+            You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."
+            For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page
+        EOT
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_organization_id))
+    error_message = "The organization ID must contain valid characters."
+  }
+}

aws/elasticloadbalancing/examples/default/versions.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.16.2, < 6.0.0"
+    }
+    sumologic = {
+      version = ">= 2.28.3, < 3.0.0"
+      source  = "SumoLogic/sumologic"
+    }
+    time = {
+      source  = "hashicorp/time"
+      version = ">= 0.11.1"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.1.0"
+    }
+  }
+}