Skip to content

Commit

Permalink
feat(collection): enable cloudwatch logs discovery
Browse files Browse the repository at this point in the history
Configure daily discovery event. This can be hardcoded to reduce
configuration fatigue.

As a result of this change, we can no longer explicitly configure
subscription filters, since there is a possibility of race condition
between "discovery" and the explicit filter. If a user wants to
forward the log groups created by the stack, they would have to provide
the stack name as one of the LogGroupPatterns.
  • Loading branch information
jta committed Dec 14, 2023
1 parent c2297b4 commit bd86078
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 43 deletions.
44 changes: 1 addition & 43 deletions apps/collection/template.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -233,34 +233,6 @@ Resources:
Prefix: "cloudwatchlogs/"
WriterRoleService: "logs.amazonaws.com"
NameOverride: !Ref NameOverride
ForwarderLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Forwarder
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole
FirehoseLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Firehose
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole
Subscriber:
Type: AWS::Serverless::Application
Condition: EnableSubscriber
Expand All @@ -278,22 +250,8 @@ Resources:
- Outputs.WriterRole
LogGroupNamePrefixes: !Join [",", !Ref LogGroupNamePrefixes]
LogGroupNamePatterns: !Join [",", !Ref LogGroupNamePatterns]
DiscoveryRate: "24 hours"
NameOverride: !Ref NameOverride
SubscriberLogGroupSubscription:
Type: AWS::Logs::SubscriptionFilter
Condition: EnableSubscriber
Properties:
DestinationArn: !GetAtt
- Firehose
- Outputs.Firehose
FilterName: 'observe-logs-subscription'
FilterPattern: ''
LogGroupName: !GetAtt
- Subscriber
- Outputs.LogGroupName
RoleArn: !GetAtt
- Firehose
- Outputs.WriterRole

Outputs:
Bucket:
Expand Down
4 changes: 4 additions & 0 deletions integration/tests/collection.tftest.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,10 @@ variables {
"s3:ListBucket",
"s3:PutBucketNotification",
"s3:PutLifecycleConfiguration",
"scheduler:GetSchedule",
"scheduler:CreateSchedule",
"scheduler:UpdateSchedule",
"scheduler:DeleteSchedule",
"sns:CreateTopic",
"sns:DeleteTopic",
"sns:GetTopicAttributes",
Expand Down

0 comments on commit bd86078

Please sign in to comment.