diff --git a/README.md b/README.md
index cf0af93..0c572aa 100644
--- a/README.md
+++ b/README.md
@@ -382,13 +382,13 @@ module "eventbridge" {
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
## Modules
@@ -505,6 +505,7 @@ No modules.
| [create\_schedules](#input\_create\_schedules) | Controls whether EventBridge Schedule resources should be created | `bool` | `true` | no |
| [create\_schemas\_discoverer](#input\_create\_schemas\_discoverer) | Controls whether default schemas discoverer should be created | `bool` | `false` | no |
| [create\_targets](#input\_create\_targets) | Controls whether EventBridge Target resources should be created | `bool` | `true` | no |
+| [dead\_letter\_config](#input\_dead\_letter\_config) | Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ) | `any` | `{}` | no |
| [ecs\_pass\_role\_resources](#input\_ecs\_pass\_role\_resources) | List of approved roles to be passed | `list(string)` | `[]` | no |
| [ecs\_target\_arns](#input\_ecs\_target\_arns) | The Amazon Resource Name (ARN) of the AWS ECS Tasks you want to use as EventBridge targets | `list(string)` | `[]` | no |
| [event\_source\_name](#input\_event\_source\_name) | The partner event source that the new event bus will be matched with. Must match name. | `string` | `null` | no |
diff --git a/examples/api-gateway-event-source/README.md b/examples/api-gateway-event-source/README.md
index dba189e..d44cdd0 100644
--- a/examples/api-gateway-event-source/README.md
+++ b/examples/api-gateway-event-source/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
diff --git a/examples/api-gateway-event-source/versions.tf b/examples/api-gateway-event-source/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/api-gateway-event-source/versions.tf
+++ b/examples/api-gateway-event-source/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 392cd24..b5942dc 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 3.0 |
@@ -28,7 +28,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [null](#provider\_null) | >= 2.0 |
| [random](#provider\_random) | >= 3.0 |
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index b19aa4e..00a2dfa 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/default-bus/README.md b/examples/default-bus/README.md
index 7be746c..b13d6a9 100644
--- a/examples/default-bus/README.md
+++ b/examples/default-bus/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
diff --git a/examples/default-bus/versions.tf b/examples/default-bus/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/default-bus/versions.tf
+++ b/examples/default-bus/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-api-destination/README.md b/examples/with-api-destination/README.md
index ea28e2b..559193b 100644
--- a/examples/with-api-destination/README.md
+++ b/examples/with-api-destination/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
@@ -35,6 +35,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Source | Version |
|------|--------|---------|
| [eventbridge](#module\_eventbridge) | ../../ | n/a |
+| [kms](#module\_kms) | terraform-aws-modules/kms/aws | ~> 2.0 |
## Resources
@@ -42,6 +43,7 @@ Note that this example may create resources which cost money. Run `terraform des
|------|------|
| [aws_iam_role.eventbridge](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [random_pet.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
## Inputs
diff --git a/examples/with-api-destination/main.tf b/examples/with-api-destination/main.tf
index d6ac8f9..87900a9 100644
--- a/examples/with-api-destination/main.tf
+++ b/examples/with-api-destination/main.tf
@@ -7,6 +7,8 @@ provider "aws" {
skip_credentials_validation = true
}
+data "aws_caller_identity" "current" {}
+
module "eventbridge" {
source = "../../"
@@ -143,6 +145,7 @@ module "eventbridge" {
value = random_pet.this.id
}
}
+ kms_key_identifier = module.kms.key_arn
}
}
@@ -200,3 +203,48 @@ data "aws_iam_policy_document" "assume_role" {
}
}
}
+
+module "kms" {
+ source = "terraform-aws-modules/kms/aws"
+ version = "~> 2.0"
+ description = "KMS key for EventBridge"
+
+ # Aliases
+ aliases = ["test"]
+ aliases_use_name_prefix = true
+ key_statements = [
+ {
+ sid = "Allow use of the key"
+ principals = [
+ {
+ type = "AWS"
+ identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
+ }
+ ]
+ actions = [
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
+ resources = ["*"]
+ conditions = [
+ {
+ test = "StringLike"
+ values = ["secretsmanager.*.amazonaws.com"]
+ variable = "kms:ViaService"
+ },
+ {
+ test = "StringLike"
+ values = ["arn:aws:secretsmanager:*:*:secret:events!connection/*"]
+ variable = "kms:EncryptionContext:SecretARN"
+ }
+ ]
+ }
+ ]
+
+ tags = {
+ EventBridgeApiDestinations = "true"
+ }
+
+ key_owners = [data.aws_caller_identity.current.arn]
+}
diff --git a/examples/with-api-destination/versions.tf b/examples/with-api-destination/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/with-api-destination/versions.tf
+++ b/examples/with-api-destination/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-archive/README.md b/examples/with-archive/README.md
index 7d17a50..3195a67 100644
--- a/examples/with-archive/README.md
+++ b/examples/with-archive/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
diff --git a/examples/with-archive/versions.tf b/examples/with-archive/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/with-archive/versions.tf
+++ b/examples/with-archive/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-ecs-scheduling/README.md b/examples/with-ecs-scheduling/README.md
index 68d96e7..636cba1 100644
--- a/examples/with-ecs-scheduling/README.md
+++ b/examples/with-ecs-scheduling/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
diff --git a/examples/with-ecs-scheduling/versions.tf b/examples/with-ecs-scheduling/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/with-ecs-scheduling/versions.tf
+++ b/examples/with-ecs-scheduling/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-lambda-scheduling/README.md b/examples/with-lambda-scheduling/README.md
index 815a4bb..242820b 100644
--- a/examples/with-lambda-scheduling/README.md
+++ b/examples/with-lambda-scheduling/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 3.0 |
diff --git a/examples/with-lambda-scheduling/versions.tf b/examples/with-lambda-scheduling/versions.tf
index b19aa4e..00a2dfa 100644
--- a/examples/with-lambda-scheduling/versions.tf
+++ b/examples/with-lambda-scheduling/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-permissions/README.md b/examples/with-permissions/README.md
index 6cae131..aa25bd5 100644
--- a/examples/with-permissions/README.md
+++ b/examples/with-permissions/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [random](#requirement\_random) | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [random](#provider\_random) | >= 3.0 |
## Modules
diff --git a/examples/with-permissions/versions.tf b/examples/with-permissions/versions.tf
index 2767fad..e184ac5 100644
--- a/examples/with-permissions/versions.tf
+++ b/examples/with-permissions/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-pipes/README.md b/examples/with-pipes/README.md
index e416ece..cc7d2bb 100644
--- a/examples/with-pipes/README.md
+++ b/examples/with-pipes/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 3.0 |
@@ -28,7 +28,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [null](#provider\_null) | >= 2.0 |
| [random](#provider\_random) | >= 3.0 |
diff --git a/examples/with-pipes/versions.tf b/examples/with-pipes/versions.tf
index b19aa4e..00a2dfa 100644
--- a/examples/with-pipes/versions.tf
+++ b/examples/with-pipes/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/examples/with-schedules/README.md b/examples/with-schedules/README.md
index 698c9c9..2d9b747 100644
--- a/examples/with-schedules/README.md
+++ b/examples/with-schedules/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.85 |
+| [aws](#requirement\_aws) | >= 5.98 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 3.0 |
@@ -28,7 +28,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.85 |
+| [aws](#provider\_aws) | >= 5.98 |
| [null](#provider\_null) | >= 2.0 |
| [random](#provider\_random) | >= 3.0 |
diff --git a/examples/with-schedules/versions.tf b/examples/with-schedules/versions.tf
index b19aa4e..00a2dfa 100644
--- a/examples/with-schedules/versions.tf
+++ b/examples/with-schedules/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
random = {
source = "hashicorp/random"
diff --git a/main.tf b/main.tf
index adbf3d9..f5b9d6e 100644
--- a/main.tf
+++ b/main.tf
@@ -69,6 +69,13 @@ resource "aws_cloudwatch_event_bus" "this" {
event_source_name = var.event_source_name
kms_key_identifier = var.kms_key_identifier
+ dynamic "dead_letter_config" {
+ for_each = length(var.dead_letter_config) > 0 ? [var.dead_letter_config] : []
+ content {
+ arn = try(dead_letter_config.value.arn, null)
+ }
+ }
+
tags = var.tags
}
@@ -301,6 +308,7 @@ resource "aws_cloudwatch_event_connection" "this" {
name = each.value.Name
description = lookup(each.value, "description", null)
authorization_type = each.value.authorization_type
+ kms_key_identifier = try(each.value.kms_key_identifier, null)
dynamic "auth_parameters" {
for_each = [each.value.auth_parameters]
diff --git a/variables.tf b/variables.tf
index b391db1..e25aa21 100644
--- a/variables.tf
+++ b/variables.tf
@@ -144,6 +144,12 @@ variable "kms_key_identifier" {
default = null
}
+variable "dead_letter_config" {
+ description = "Configuration details of the Amazon SQS queue for EventBridge to use as a dead-letter queue (DLQ)"
+ type = any
+ default = {}
+}
+
variable "schemas_discoverer_description" {
description = "Default schemas discoverer description"
type = string
diff --git a/versions.tf b/versions.tf
index 8d0f72d..e138983 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.85"
+ version = ">= 5.98"
}
}
}