Updated sumo and aws tf provider for kinesis firehose for logs

himsharma01 · himsharma01 · commit fae90312a12a · 2024-04-08T16:51:53.000+05:30
diff --git a/aws/kinesisfirehoseforlogs/README.md b/aws/kinesisfirehoseforlogs/README.md
@@ -11,41 +11,74 @@ This module is used to create the SumoLogic AWS Kinesis Firehose for Logs source
 
 | Name | Version |
 |------|---------|
-| terraform | >= 0.13.0 |
-| aws | >= 3.42.0 |
-| random | >= 3.1.0 |
-| sumologic | >= 2.9.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.16.2, < 6.0.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.1.0 |
+| <a name="requirement_sumologic"></a> [sumologic](#requirement\_sumologic) | >= 2.28.3, < 3.0.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| aws | >= 3.42.0 |
-| random | >= 3.1.0 |
-| sumologic | >= 2.9.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.16.2, < 6.0.0 |
+| <a name="provider_random"></a> [random](#provider\_random) | >= 3.1.0 |
+| <a name="provider_sumologic"></a> [sumologic](#provider\_sumologic) | >= 2.28.3, < 3.0.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudwatch_log_group.log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_stream.http_log_stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_stream) | resource |
+| [aws_cloudwatch_log_stream.s3_log_stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_stream) | resource |
+| [aws_cloudwatch_log_subscription_filter.delivery_stream_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_subscription_filter) | resource |
+| [aws_iam_policy.firehose_delivery_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.firehose_s3_upload_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.logs_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.firehose_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role.logs_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.firehose_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.firehose_s3_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.logs_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_kinesis_firehose_delivery_stream.logs_delivery_stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream) | resource |
+| [aws_s3_bucket.s3_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
+| [aws_s3_bucket_public_access_block.s3_bucket_access_block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
+| [aws_serverlessapplicationrepository_cloudformation_stack.auto_enable_logs_subscription](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/serverlessapplicationrepository_cloudformation_stack) | resource |
+| [random_string.aws_random](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [sumologic_collector.collector](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/collector) | resource |
+| [sumologic_http_source.source](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/http_source) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+| [aws_serverlessapplicationrepository_application.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/serverlessapplicationrepository_application) | data source |
+| [sumologic_caller_identity.current](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/data-sources/caller_identity) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| auto\_enable\_logs\_subscription | New - Automatically subscribes new log groups to send logs to Sumo Logic.<br>                              Existing - Automatically subscribes existing log groups to send logs to Sumo Logic.<br>                           Both - Automatically subscribes new and existing log groups.<br>                                None - Skips Automatic subscription. | `string` | `"Both"` | no |
-| auto\_enable\_logs\_subscription\_options | filter - Enter regex for matching logGroups. Regex will check for the name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters | <pre>object({<br>    filter = string<br>  })</pre> | <pre>{<br>  "filter": "lambda"<br>}</pre> | no |
-| bucket\_details | Provide details for the AWS S3 bucket. If not provided, existing will be used. | <pre>object({<br>    bucket_name          = string<br>    force_destroy_bucket = bool<br>  })</pre> | <pre>{<br>  "bucket_name": "sumologic-kinesis-firehose-logs-random-id",<br>  "force_destroy_bucket": true<br>}</pre> | no |
-| collector\_details | Provide details for the Sumo Logic collector. If not provided, then defaults will be used. | <pre>object({<br>    collector_name = string<br>    description    = string<br>    fields         = map(string)<br>  })</pre> | <pre>{<br>  "collector_name": "SumoLogic Kinesis Firehose for Logs Collector <Random ID>",<br>  "description": "This collector is created using Sumo Logic terraform AWS Kinesis Firehose for logs module to collect AWS cloudwatch logs.",<br>  "fields": {}<br>}</pre> | no |
-| create\_bucket | Provide "true" if you would like to create AWS S3 bucket to store logs. Provide "bucket\_details" if set to "false". | `bool` | `true` | no |
-| create\_collector | Provide "true" if you would like to create the Sumo Logic Collector. | `bool` | n/a | yes |
-| source\_details | Provide details for the Sumo Logic Kinesis Firehose for Logs source. If not provided, then defaults will be used. | <pre>object({<br>    source_name     = string<br>    source_category = string<br>    collector_id    = string<br>    description     = string<br>    fields          = map(string)<br>  })</pre> | <pre>{<br>  "collector_id": "",<br>  "description": "This source is created using Sumo Logic terraform AWS Kinesis Firehose for logs module to collect AWS Cloudwatch logs.",<br>  "fields": {},<br>  "source_category": "Labs/aws/cloudwatch/logs",<br>  "source_name": "Kinesis Firehose for Logs Source"<br>}</pre> | no |
+| <a name="input_app_semantic_version"></a> [app\_semantic\_version](#input\_app\_semantic\_version) | Provide the latest version of Serverless Application Repository 'sumologic-loggroup-connector'. | `string` | `"1.0.7"` | no |
+| <a name="input_auto_enable_logs_subscription"></a> [auto\_enable\_logs\_subscription](#input\_auto\_enable\_logs\_subscription) | New - Automatically subscribes new log groups to send logs to Sumo Logic.<br>				Existing - Automatically subscribes existing log groups to send logs to Sumo Logic.<br>				Both - Automatically subscribes new and existing log groups.<br>				None - Skips Automatic subscription. | `string` | `"Both"` | no |
+| <a name="input_auto_enable_logs_subscription_options"></a> [auto\_enable\_logs\_subscription\_options](#input\_auto\_enable\_logs\_subscription\_options) | filter - Enter regex for matching logGroups. Regex will check for the name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters | <pre>object({<br>    filter = string<br>  })</pre> | <pre>{<br>  "filter": "lambda"<br>}</pre> | no |
+| <a name="input_bucket_details"></a> [bucket\_details](#input\_bucket\_details) | Provide details for the AWS S3 bucket. If not provided, existing will be used. | <pre>object({<br>    bucket_name          = string<br>    force_destroy_bucket = bool<br>  })</pre> | <pre>{<br>  "bucket_name": "sumologic-kinesis-firehose-logs-random-id",<br>  "force_destroy_bucket": true<br>}</pre> | no |
+| <a name="input_collector_details"></a> [collector\_details](#input\_collector\_details) | Provide details for the Sumo Logic collector. If not provided, then defaults will be used. | <pre>object({<br>    collector_name = string<br>    description    = string<br>    fields         = map(string)<br>  })</pre> | <pre>{<br>  "collector_name": "SumoLogic Kinesis Firehose for Logs Collector <Random ID>",<br>  "description": "This collector is created using Sumo Logic terraform AWS Kinesis Firehose for logs module to collect AWS cloudwatch logs.",<br>  "fields": {}<br>}</pre> | no |
+| <a name="input_create_bucket"></a> [create\_bucket](#input\_create\_bucket) | Provide "true" if you would like to create AWS S3 bucket to store logs. Provide "bucket\_details" if set to "false". | `bool` | `true` | no |
+| <a name="input_create_collector"></a> [create\_collector](#input\_create\_collector) | Provide "true" if you would like to create the Sumo Logic Collector. | `bool` | n/a | yes |
+| <a name="input_source_details"></a> [source\_details](#input\_source\_details) | Provide details for the Sumo Logic Kinesis Firehose for Logs source. If not provided, then defaults will be used. | <pre>object({<br>    source_name     = string<br>    source_category = string<br>    collector_id    = string<br>    description     = string<br>    fields          = map(string)<br>  })</pre> | <pre>{<br>  "collector_id": "",<br>  "description": "This source is created using Sumo Logic terraform AWS Kinesis Firehose for logs module to collect AWS Cloudwatch logs.",<br>  "fields": {},<br>  "source_category": "Labs/aws/cloudwatch/logs",<br>  "source_name": "Kinesis Firehose for Logs Source"<br>}</pre> | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| aws\_cloudwatch\_log\_group | AWS Log group created to attach to delivery stream. |
-| aws\_cloudwatch\_log\_stream | AWS Log stream created to attach to log group. |
-| aws\_iam\_role | AWS IAM role with permission to setup kinesis firehose logs. |
-| aws\_kinesis\_firehose\_delivery\_stream | AWS Kinesis firehose delivery stream to send logs to Sumo Logic. |
-| aws\_s3\_bucket | AWS S3 Bucket name created to Store the Failed data. |
-| aws\_serverlessapplicationrepository\_cloudformation\_stack | AWS CloudFormation stack for Auto Enable logs subscription. |
-| random\_string | Random String value created. |
-| sumologic\_collector | Sumo Logic hosted collector. |
-| sumologic\_source | Sumo Logic AWS Kinesis Firehose for Logs source. |
+| <a name="output_aws_cloudwatch_log_group"></a> [aws\_cloudwatch\_log\_group](#output\_aws\_cloudwatch\_log\_group) | AWS Log group created to attach to delivery stream. |
+| <a name="output_aws_cloudwatch_log_stream"></a> [aws\_cloudwatch\_log\_stream](#output\_aws\_cloudwatch\_log\_stream) | AWS Log stream created to attach to log group. |
+| <a name="output_aws_iam_role"></a> [aws\_iam\_role](#output\_aws\_iam\_role) | AWS IAM role with permission to setup kinesis firehose logs. |
+| <a name="output_aws_kinesis_firehose_delivery_stream"></a> [aws\_kinesis\_firehose\_delivery\_stream](#output\_aws\_kinesis\_firehose\_delivery\_stream) | AWS Kinesis firehose delivery stream to send logs to Sumo Logic. |
+| <a name="output_aws_s3_bucket"></a> [aws\_s3\_bucket](#output\_aws\_s3\_bucket) | AWS S3 Bucket name created to Store the Failed data. |
+| <a name="output_aws_serverlessapplicationrepository_cloudformation_stack"></a> [aws\_serverlessapplicationrepository\_cloudformation\_stack](#output\_aws\_serverlessapplicationrepository\_cloudformation\_stack) | AWS CloudFormation stack for Auto Enable logs subscription. |
+| <a name="output_random_string"></a> [random\_string](#output\_random\_string) | Random String value created. |
+| <a name="output_sumologic_collector"></a> [sumologic\_collector](#output\_sumologic\_collector) | Sumo Logic hosted collector. |
+| <a name="output_sumologic_source"></a> [sumologic\_source](#output\_sumologic\_source) | Sumo Logic AWS Kinesis Firehose for Logs source. |
diff --git a/aws/kinesisfirehoseforlogs/examples/README.md b/aws/kinesisfirehoseforlogs/examples/README.md
@@ -0,0 +1,36 @@
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.16.2, < 6.0.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.1.0 |
+| <a name="requirement_sumologic"></a> [sumologic](#requirement\_sumologic) | >= 2.28.3, < 3.0.0 |
+| <a name="requirement_time"></a> [time](#requirement\_time) | >= 0.11.1 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_kinesis_firehose_for_logs_module"></a> [kinesis\_firehose\_for\_logs\_module](#module\_kinesis\_firehose\_for\_logs\_module) | SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseforlogs | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_sumologic_access_id"></a> [sumologic\_access\_id](#input\_sumologic\_access\_id) | Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
+| <a name="input_sumologic_access_key"></a> [sumologic\_access\_key](#input\_sumologic\_access\_key) | Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes |
+| <a name="input_sumologic_environment"></a> [sumologic\_environment](#input\_sumologic\_environment) | Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
+| <a name="input_sumologic_organization_id"></a> [sumologic\_organization\_id](#input\_sumologic\_organization\_id) | You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."<br>            For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page | `string` | n/a | yes |
+
+## Outputs
+
+No outputs.
diff --git a/aws/kinesisfirehoseforlogs/examples/main.auto.tfvars b/aws/kinesisfirehoseforlogs/examples/main.auto.tfvars
@@ -0,0 +1,6 @@
+####### BELOW ARE REQUIRED PARAMETERS FOR TERRAFORM SCRIPT #######
+# Visit - https://help.sumologic.com/Solutions/AWS_Observability_Solution/03_Set_Up_the_AWS_Observability_Solution#sumo-logic-access-configuration-required
+sumologic_environment     = "<YOUR SUMO DEPLOYMENT>"   # Please replace <YOUR SUMO DEPLOYMENT> (including brackets) with au, ca, de, eu, jp, us2, in, fed or us1.
+sumologic_access_id       = "<YOUR SUMO ACCESS ID>"    # Please replace <YOUR SUMO ACCESS ID> (including brackets) with your Sumo Logic Access ID.
+sumologic_access_key      = "<YOUR SUMO ACCESS KEY>"   # Please replace <YOUR SUMO ACCESS KEY> (including brackets) with your Sumo Logic Access KEY.
+sumologic_organization_id = "<YOUR SUMO ORG ID>"       # Please replace <YOUR SUMO ORG ID> (including brackets) with your Sumo Logic Organization ID.
diff --git a/aws/kinesisfirehoseforlogs/examples/main.tf b/aws/kinesisfirehoseforlogs/examples/main.tf
@@ -0,0 +1,25 @@
+module "kinesis_firehose_for_logs_module" {
+  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseforlogs"
+
+  create_collector = true
+
+  source_details = {
+    source_name     = "<Source-Name>"
+    source_category = "<Source-Category>"
+    description     = "<Source-Description>"
+    collector_id    = null
+    fields          = {}
+  }
+
+  create_bucket = true
+  bucket_details = {
+    bucket_name          = "<AWS-S3-bucket>"
+    force_destroy_bucket = false
+  }
+
+  auto_enable_logs_subscription = "Both"
+  app_semantic_version = "1.0.9"
+  auto_enable_logs_subscription_options = {
+    filter = "lambda|rds"
+  }
+}
diff --git a/aws/kinesisfirehoseforlogs/examples/provider.tf b/aws/kinesisfirehoseforlogs/examples/provider.tf
@@ -0,0 +1,20 @@
+provider "sumologic" {
+  environment = var.sumologic_environment
+  access_id   = var.sumologic_access_id
+  access_key  = var.sumologic_access_key
+}
+
+provider "aws" {
+  region = "us-east-1"
+  #
+  # Below properties should be added when you would like to onboard more than one region and account
+  # More Information regarding AWS Profile can be found at -
+  #
+  # Access configuration
+  #
+  # profile = <Provide a profile as setup in AWS CLI>
+  #
+  # Terraform alias
+  #
+  # alias = <Provide a terraform alias for the aws provider. For eg :- production-us-east-1>
+}
diff --git a/aws/kinesisfirehoseforlogs/examples/variables.tf b/aws/kinesisfirehoseforlogs/examples/variables.tf
@@ -0,0 +1,51 @@
+variable "sumologic_environment" {
+  type        = string
+  description = "Enter au, ca, de, eu, jp, us2, in, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security"
+
+  validation {
+    condition = contains([
+      "au",
+      "ca",
+      "de",
+      "eu",
+      "jp",
+      "us1",
+      "us2",
+      "in",
+    "fed"], var.sumologic_environment)
+    error_message = "The value must be one of au, ca, de, eu, jp, us1, us2, in, or fed."
+  }
+}
+
+variable "sumologic_access_id" {
+  type        = string
+  description = "Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key"
+
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_access_id))
+    error_message = "The SumoLogic access ID must contain valid characters."
+  }
+}
+
+variable "sumologic_access_key" {
+  type        = string
+  description = "Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key"
+  sensitive = true
+
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_access_key))
+    error_message = "The SumoLogic access key must contain valid characters."
+  }
+}
+
+variable "sumologic_organization_id" {
+  type        = string
+  description = <<EOT
+            You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."
+            For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page
+        EOT
+  validation {
+    condition     = can(regex("\\w+", var.sumologic_organization_id))
+    error_message = "The organization ID must contain valid characters."
+  }
+}
diff --git a/aws/kinesisfirehoseforlogs/examples/versions.tf b/aws/kinesisfirehoseforlogs/examples/versions.tf
@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.16.2, < 6.0.0"
+    }
+    sumologic = {
+      version = ">= 2.28.3, < 3.0.0"
+      source  = "SumoLogic/sumologic"
+    }
+    time = {
+      source  = "hashicorp/time"
+      version = ">= 0.11.1"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.1.0"
+    }
+  }
+}
diff --git a/aws/kinesisfirehoseforlogs/versions.tf b/aws/kinesisfirehoseforlogs/versions.tf
@@ -7,8 +7,8 @@ terraform {
       version = ">= 5.16.2, < 6.0.0"
     }
     sumologic = {
-      version = ">= 2.9.0"
       source  = "SumoLogic/sumologic"
+      version = ">= 2.28.3, < 3.0.0"
     }
     random = {
       source  = "hashicorp/random"

Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,8 @@ terraform {`
`7`	`7`	`version = ">= 5.16.2, < 6.0.0"`
`8`	`8`	`}`
`9`	`9`	`sumologic = {`
`10`		`- version = ">= 2.9.0"`
`11`	`10`	`source = "SumoLogic/sumologic"`
	`11`	`+ version = ">= 2.28.3, < 3.0.0"`
`12`	`12`	`}`
`13`	`13`	`random = {`
`14`	`14`	`source = "hashicorp/random"`