AFS
/
xdr-terraform-modules


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203
							resource "aws_cloudwatch_log_group" "function_scheduler" {
  name              = "/aws/lambda/${aws_lambda_function.portal_scheduler.function_name}"
  retention_in_days = 14
  tags              = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_log_group" "function_customer_sync" {
  name              = "/aws/lambda/${aws_lambda_function.portal_customer_sync.function_name}"
  retention_in_days = 14
  tags              = merge(local.standard_tags, var.tags)
}

###
### Trigger Portal Scheduler Lambda with Rules and Targets
###

### Time-based rules for portal sync:
resource "aws_cloudwatch_event_rule" "portal_scheduler_quarter_hourly_rule" {
  name                = "aws-portal-lambda-scheduler-quarter-hourly"
  description         = "Rule for portal scheduler lambda function - every 15 minutes"
  schedule_expression = "rate(15 minutes)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_third_hourly_rule" {
  name                = "aws-portal-lambda-scheduler-third-hourly"
  description         = "Rule for portal scheduler lambda function - every 20th minute"
  schedule_expression = "cron(0/20 * * * ? *)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_half_hourly_rule" {
  name                = "aws-portal-lambda-scheduler-half-hourly"
  description         = "Rule for portal scheduler lambda function - every 30 minutes"
  schedule_expression = "rate(30 minutes)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_hourly_rule" {
  name                = "aws-portal-lambda-scheduler-hourly"
  description         = "Rule for portal scheduler lambda function - every hour"
  schedule_expression = "rate(1 hour)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_four_hourly_rule" {
  name                = "aws-portal-lambda-scheduler-four-hourly"
  description         = "Rule for portal scheduler lambda function - every 4 hours"
  schedule_expression = "rate(4 hours)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_daily_rule" {
  name                = "aws-portal-lambda-scheduler-daily"
  description         = "Rule for portal scheduler lambda function - every day"
  schedule_expression = "cron(5 5 * * ? *)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_weekly_rule" {
  name                = "aws-portal-lambda-scheduler-weekly"
  description         = "Rule for portal scheduler lambda function - every week"
  schedule_expression = "rate(7 days)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

resource "aws_cloudwatch_event_rule" "portal_scheduler_monthly_rule" {
  name                = "aws-portal-lambda-scheduler-monthly"
  description         = "Rule for portal scheduler lambda function - every month"
  schedule_expression = "cron(0 17 1 * ? *)"
  is_enabled          = var.environment == "test" ? false : true
  tags                = merge(local.standard_tags, var.tags)
}

### Time-based targets for portal scheduler:
resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_quarter_hourly" {
  target_id = "PortalSchedulerQuarterHourly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_quarter_hourly_rule.name
  input     = "{\"frequency_identifier\":\"quarter-hourly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_third_hourly" {
  target_id = "PortalSchedulerThirdHourly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_third_hourly_rule.name
  input     = "{\"frequency_identifier\":\"threat-q-twenty-minute\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_half_hourly" {
  target_id = "PortalSchedulerHalfHourly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_half_hourly_rule.name
  input     = "{\"frequency_identifier\":\"half-hourly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_hourly" {
  target_id = "PortalSchedulerHourly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_hourly_rule.name
  input     = "{\"frequency_identifier\":\"hourly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_four_hourly" {
  target_id = "PortalSchedulerFourHourly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_four_hourly_rule.name
  input     = "{\"frequency_identifier\":\"four-hourly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_daily" {
  target_id = "PortalSchedulerDaily"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_daily_rule.name
  input     = "{\"frequency_identifier\":\"daily\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_weekly" {
  target_id = "PortalSchedulerWeekly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_weekly_rule.name
  input     = "{\"frequency_identifier\":\"weekly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}

resource "aws_cloudwatch_event_target" "portal_scheduler_cloudwatch_target_monthly" {
  target_id = "PortalSchedulerMonthly"
  rule      = aws_cloudwatch_event_rule.portal_scheduler_monthly_rule.name
  input     = "{\"frequency_identifier\":\"monthly\"}"
  arn       = aws_lambda_function.portal_scheduler.arn
}


### Invoke permissions for Time-based rules for portal sync:
resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_quarter_hourly" {
  statement_id  = "AllowExecutionFromCloudWatchQuarterHourly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_quarter_hourly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_third_hourly" {
  statement_id  = "AllowExecutionFromCloudWatchThirdHourly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_third_hourly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_half_hourly" {
  statement_id  = "AllowExecutionFromCloudWatchHalfHourly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_half_hourly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_hourly" {
  statement_id  = "AllowExecutionFromCloudWatchHourly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_hourly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_four_hourly" {
  statement_id  = "AllowExecutionFromCloudWatchFourHourly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_four_hourly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_daily" {
  statement_id  = "AllowExecutionFromCloudWatchDaily"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_daily_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_weekly" {
  statement_id  = "AllowExecutionFromCloudWatchWeekly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_weekly_rule.arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call_portal_scheduler_monthly" {
  statement_id  = "AllowExecutionFromCloudWatchMonthly"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.portal_scheduler.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.portal_scheduler_monthly_rule.arn
}