- # Spit logs to splunk for each of the log groups
- module "kinesis_firehose" {
- source = "../../thirdparty/terraform-aws-kinesis-firehose-splunk"
- for_each = local.moose_cloudwatch_log_groups
- region = var.aws_region
- arn_cloudwatch_logs_to_ship = "arn:${var.aws_partition}:logs:${var.aws_region}::log-group:/${each.key}/*"
- name_cloudwatch_logs_to_ship = each.key
- hec_token = each.value.hec_token
- hec_url = "https://${local.hec_pub_ack}:8088"
- firehose_name = each.value.firehose_name
- tags = merge(local.standard_tags, var.tags)
- cloudwatch_log_retention = 30 # keep kinesis logs this long
- lambda_function_name = each.value.lambda_function_name
- log_stream_name = each.value.log_stream_name
- kinesis_firehose_lambda_role_name = each.value.kinesis_firehose_lambda_role_name
- lambda_iam_policy_name = each.value.lambda_iam_policy_name
- kinesis_firehose_iam_policy_name = each.value.kinesis_firehose_iam_policy_name
- kinesis_firehose_role_name = each.value.kinesis_firehose_role_name
- cloudwatch_to_firehose_trust_iam_role_name = each.value.cloudwatch_to_firehose_trust_iam_role_name
- cloudwatch_to_fh_access_policy_name = each.value.cloudwatch_to_fh_access_policy_name
- s3_bucket_name = each.value.s3_bucket_name
- s3_bucket_block_public_access_enabled = 1
- s3_backup_mode = "FailedEventsOnly"
- s3_expiration = 30
- }