Merge pull request #14 from nextgenhealthcare/aws-s3-sns

Add Url Field to AWS Log Source for SNS Integration

examples/aws-cloudtrail-source/aws_cloudtrail.tf

@@ -75,3 +75,12 @@ resource "aws_cloudtrail" "sumologic" {
   is_multi_region_trail      = true
   enable_log_file_validation = true
 }
+
+resource "aws_s3_bucket_notification" "bucket_notification" {
+  bucket = "${aws_s3_bucket.security_logs.id}"
+
+  topic {
+    topic_arn = "${aws_sns_topic.s3_updates.arn}"
+    events    = ["s3:ObjectCreated:*"]
+  }
+}

examples/aws-cloudtrail-source/aws_iam.tf

@@ -19,7 +19,7 @@ data "aws_iam_policy_document" "sumologic_assume_role_policy" {
 }
 
 resource "aws_iam_role" "sumologic" {
-  name = "SumoLogicLogAccess2"
+  name = "SumoLogicLogAccess"
 
   assume_role_policy = "${data.aws_iam_policy_document.sumologic_assume_role_policy.json}"
 }

examples/aws-cloudtrail-source/aws_sns.tf

@@ -0,0 +1,86 @@
+data "aws_caller_identity" "current" {}
+
+resource "aws_sns_topic" "s3_updates" {
+  name = "terraform-provider-sumologic-cloudtrail-${random_pet.name.id}"
+}
+
+data "aws_iam_policy_document" "s3_updates" {
+  policy_id = "__default_policy_ID"
+
+  statement {
+    actions = [
+      "SNS:Subscribe",
+      "SNS:SetTopicAttributes",
+      "SNS:RemovePermission",
+      "SNS:Receive",
+      "SNS:Publish",
+      "SNS:ListSubscriptionsByTopic",
+      "SNS:GetTopicAttributes",
+      "SNS:DeleteTopic",
+      "SNS:AddPermission",
+    ]
+
+    condition {
+      test     = "StringEquals"
+      variable = "AWS:SourceOwner"
+
+      values = [
+        "${data.aws_caller_identity.current.account_id}",
+      ]
+    }
+
+    effect = "Allow"
+
+    principals {
+      type        = "AWS"
+      identifiers = ["*"]
+    }
+
+    resources = [
+      "${aws_sns_topic.s3_updates.arn}",
+    ]
+
+    sid = "__default_statement_ID"
+  }
+
+  statement {
+    actions = [
+      "SNS:Publish",
+    ]
+
+    condition {
+      test     = "ArnLike"
+      variable = "aws:SourceArn"
+
+      values = [
+        "${aws_s3_bucket.security_logs.arn}",
+      ]
+    }
+
+    effect = "Allow"
+
+    principals {
+      type        = "AWS"
+      identifiers = ["*"]
+    }
+
+    resources = [
+      "${aws_sns_topic.s3_updates.arn}",
+    ]
+
+    sid = "AllowS3Updates"
+  }
+}
+
+resource "aws_sns_topic_policy" "s3_updates" {
+  arn = "${aws_sns_topic.s3_updates.arn}"
+
+  policy = "${data.aws_iam_policy_document.s3_updates.json}"
+}
+
+resource "aws_sns_topic_subscription" "s3_updates" {
+  topic_arn              = "${aws_sns_topic.s3_updates.arn}"
+  protocol               = "https"
+  endpoint               = "${sumologic_aws_log_source.example.url}"
+  endpoint_auto_confirms = true
+}

examples/aws-cloudtrail-source/sumologic.tf

@@ -3,11 +3,14 @@ resource "sumologic_hosted_collector" "example" {
 }
 
 resource "sumologic_aws_log_source" "example" {
+  # SumoLogic will error if the IAM policy isn't attached yet
+  depends_on = ["aws_iam_role_policy_attachment.sumologic"]
+
   name                 = "CloudTrail"
   collector_id         = "${sumologic_hosted_collector.example.id}"
   category             = "cloudtrail/example"
   source_type          = "Polling"
-  scan_interval        = 60000
+  scan_interval        = -1
   content_type         = "AwsCloudTrailBucket"
   cutoff_relative_time = "-0h"
 

sumologic/resource_sumologic_aws_log_source.go

@@ -76,6 +76,11 @@ func resourceAWSLogSource() *schema.Resource {
 				Optional: true,
 				Computed: true,
 			},
+			"url": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
 			"third_party_ref": {
 				Type:     schema.TypeList,
 				MaxItems: 1,
@@ -156,6 +161,7 @@ func resourceAWSLogSourceCreate(d *schema.ResourceData, m interface{}) error {
 		MultilineProcessingEnabled: d.Get("multiline_processing_enabled").(bool),
 		UseAutolineMatching:        d.Get("use_autoline_matching").(bool),
 		ManualPrefixRegexp:         d.Get("manual_prefix_regexp").(string),
+		Url:                        d.Get("url").(string),
 		ThirdPartyRef: sumologic.AWSBucketThirdPartyRef{
 			Resources: make([]sumologic.AWSBucketResource, 0),
 		},
@@ -220,6 +226,7 @@ func resourceAWSLogSourceRead(d *schema.ResourceData, m interface{}) error {
 	d.Set("multiline_processing_enabled", source.MultilineProcessingEnabled)
 	d.Set("use_autoline_matching", source.UseAutolineMatching)
 	d.Set("manual_prefix_regexp", source.ManualPrefixRegexp)
+	d.Set("url", source.Url)
 	d.Set("third_party_ref.0.resources.0.service_type", source.ThirdPartyRef.Resources[0].ServiceType)
 	d.Set("third_party_ref.0.resources.0.path.0.type", source.ThirdPartyRef.Resources[0].Path.Type)
 	d.Set("third_party_ref.0.resources.0.path.0.bucket_name", source.ThirdPartyRef.Resources[0].Path.BucketName)
@@ -248,6 +255,7 @@ func resourceAWSLogSourceUpdate(d *schema.ResourceData, m interface{}) error {
 		MultilineProcessingEnabled: d.Get("multiline_processing_enabled").(bool),
 		UseAutolineMatching:        d.Get("use_autoline_matching").(bool),
 		ManualPrefixRegexp:         d.Get("manual_prefix_regexp").(string),
+		Url:                        d.Get("url").(string),
 		ThirdPartyRef: sumologic.AWSBucketThirdPartyRef{
 			Resources: make([]sumologic.AWSBucketResource, 0),
 		},

vendor/vendor.json

@@ -706,10 +706,10 @@
 			"revisionTime": "2018-01-26T22:14:23Z"
 		},
 		{
-			"checksumSHA1": "68FAbb9uiW5WqrdmHugQWFHBXdY=",
+			"checksumSHA1": "Gh0TLmqt5eORLmo5Yv6sedDfYcU=",
 			"path": "github.com/nextgenhealthcare/sumologic-sdk-go",
-			"revision": "ceaa34c784edba6b42d06f81e16e362c0b303f35",
-			"revisionTime": "2018-11-01T18:55:23Z"
+			"revision": "c3fbcf9c9cf3255fb37c2bdafb89615e41ec6a61",
+			"revisionTime": "2018-11-09T14:42:39Z"
 		},
 		{
 			"checksumSHA1": "Sfxv8SV6j8m6YD+hwvlMJjq2zfg=",