This module configure CloudwatchLog and stream logs to s3 bucket via Kinesis Firehose
Requirements
| Name | Version |
|---|---|
| terraform | ~> 1.3.0 |
| aws | >= 5.0 |
Providers
| Name | Version |
|---|---|
| aws | >= 5.0 |
| random | n/a |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.firehose-log | resource |
| aws_cloudwatch_log_subscription_filter.cwl-sub-filter | resource |
| aws_iam_policy.cwlog-role-policy | resource |
| aws_iam_policy.firehose-role-policy | resource |
| aws_iam_role.cwlog-stream-role | resource |
| aws_iam_role.firehose-stream-iam-role | resource |
| aws_iam_role_policy_attachment.cwlog-role-policy-attachment | resource |
| aws_iam_role_policy_attachment.firehose-role-policy-attachment | resource |
| aws_kinesis_firehose_delivery_stream.cwl-s3-firehose-stream | resource |
| random_id.rid | resource |
| aws_caller_identity.this | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cwl-region | AWS region where Cloudwatch LogGroup resides. Needed for setting up cwlog-stream-role | string |
n/a | yes |
| dest-bucket-arn | Destination S3 bucket ARN | string |
n/a | yes |
| dest-bucket-kmskey-arn | KMS key ARN for destination bucket | string |
n/a | yes |
| dest-bucket-prefix | S3 object prefix for this stream. Please do not start with / end with a /. For example, r53-log/acme.local/ | string |
n/a | yes |
| enable-firehose-errorlog | Enable firehose errorlog | bool |
false |
no |
| firehose-kmskey-arn | KMS Key arn for Firehose | string |
n/a | yes |
| source-cwlgroup-name | Name of source CloudwatchLog group | string |
n/a | yes |
| stream-name | Name of Kinesis Data Firehose delivery stream | string |
n/a | yes |
Outputs
| Name | Description |
|---|---|
| cloudwatchstream-iam-role-arn | n/a |
| firehose-iam-role-arn | n/a |
Authorship
This module was developed by Rackspace.