Skip to content

Commit

Permalink
feat(collection): export log groups (#104)
Browse files Browse the repository at this point in the history
* fix(subscriber): correct ARN validation for IAM role

Our logic was busted. It was passing tests because the test fixture had
a lambda ARN instead. Provide fix and add a new test for the happy path
of a firehose ARN alongside the role ARN.

* feat(collection): export log groups

Add static subscriptions for the log groups we do create. This should
not clash with the subscriber module since the filter name is set to
match (`observe-logs-subscription`).
  • Loading branch information
jta authored Nov 29, 2023
1 parent a8e57c4 commit 1650416
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 1 deletion.
45 changes: 44 additions & 1 deletion apps/collection/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,6 @@ Resources:
TopicARN: !Ref Topic
Firehose:
Type: AWS::Serverless::Application
Condition: EnableSubscriber
Properties:
Location: ../firehose/template.yaml
NotificationARNs:
Expand All @@ -223,6 +222,34 @@ Resources:
Prefix: "cloudwatchlogs/"
WriterRoleService: "logs.amazonaws.com"
NameOverride: !Ref NameOverride
ForwarderLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Forwarder
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole
FirehoseLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Firehose
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole
Subscriber:
Type: AWS::Serverless::Application
Condition: EnableSubscriber
Expand All @@ -241,6 +268,22 @@ Resources:
LogGroupNamePrefixes: !Join [",", !Ref LogGroupNamePrefixes]
LogGroupNamePatterns: !Join [",", !Ref LogGroupNamePatterns]
NameOverride: !Ref NameOverride
SubscriberLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Condition: EnableSubscriber
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Subscriber
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole

Outputs:
Bucket:
Description: "S3 Bucket Name"
Expand Down
3 changes: 3 additions & 0 deletions apps/firehose/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -172,3 +172,6 @@ Outputs:
- CreateWriterRole
- !GetAtt 'WriterRole.Arn'
- ''
LogGroupName:
Description: "Log Group Name"
Value: !Ref LogGroup
3 changes: 3 additions & 0 deletions apps/forwarder/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -290,3 +290,6 @@ Outputs:
Role:
Description: "IAM Role ARN"
Value: !GetAtt Role.Arn
LogGroupName:
Description: "Log Group Name"
Value: !Ref LogGroup
3 changes: 3 additions & 0 deletions apps/subscriber/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -212,3 +212,6 @@ Outputs:
Function:
Description: "Lambda Function ARN"
Value: !GetAtt Subscriber.Arn
LogGroupName:
Description: "Log Group Name"
Value: !Ref LogGroup

0 comments on commit 1650416

Please sign in to comment.