Addded support for tags_filter in TF

SumoLogic · Sep 20, 2024 · a2bb09e · a2bb09e
1 parent 0bbd489
commit a2bb09e
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/aws-observability-terraform/source-module/README.md b/aws-observability-terraform/source-module/README.md
@@ -71,7 +71,7 @@
 | <a name="input_auto_enable_access_logs"></a> [auto\_enable\_access\_logs](#input\_auto\_enable\_access\_logs) | Enable Application Load Balancer (ALB) Access logging.<br>            You have the following options:<br>            New - Automatically enables access logging for newly created ALB resources to collect logs for ALB resources. This does not affect ALB resources already collecting logs.<br>            Existing - Automatically enables access logging for existing ALB resources to collect logs for ALB resources.<br>            Both - Automatically enables access logging for new and existing ALB resources.<br>            None - Skips Automatic access Logging enable for ALB resources. | `string` | `"Both"` | no |
 | <a name="input_auto_enable_classic_lb_access_logs"></a> [auto\_enable\_classic\_lb\_access\_logs](#input\_auto\_enable\_classic\_lb\_access\_logs) | Enable Classic Load Balancer (CLB) Access logging.<br>            You have the following options:<br>            New - Automatically enables access logging for newly created CLB resources to collect logs for CLB resources. This does not affect CLB resources already collecting logs.<br>            Existing - Automatically enables access logging for existing CLB resources to collect logs for CLB resources.<br>            Both - Automatically enables access logging for new and existing CLB resources.<br>            None - Skips Automatic access Logging enable for CLB resources. | `string` | `"Both"` | no |
 | <a name="input_auto_enable_logs_subscription"></a> [auto\_enable\_logs\_subscription](#input\_auto\_enable\_logs\_subscription) | Subscribe log groups to Sumo Logic Lambda Forwarder.<br>            You have the following options:<br>            New - Automatically subscribes new log groups to send logs to Sumo Logic.<br>            Existing - Automatically subscribes existing log groups to send logs to Sumo Logic.<br>            Both - Automatically subscribes new and existing log groups.<br>            None - Skips Automatic subscription. | `string` | `"Both"` | no |
-| <a name="input_auto_enable_logs_subscription_options"></a> [auto\_enable\_logs\_subscription\_options](#input\_auto\_enable\_logs\_subscription\_options) | filter - Enter regex for matching CloudWatch Log groups name. Regex will check for the Log groups name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters | <pre>object({<br>    filter = string<br>  })</pre> | <pre>{<br>  "filter": "apigateway|lambda|rds"<br>}</pre> | no |
+| <a name="input_auto_enable_logs_subscription_options"></a> [auto\_enable\_logs\_subscription\_options](#input\_auto\_enable\_logs\_subscription\_options) | filter - Enter regex for matching logGroups. Regex will check for the name. <br> tags_filter - Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. <br> Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters | <pre>object({<br>    filter = string <br>    tags_filter = string <br> })</pre>                                                                                                                  | <pre>{<br>  "filter": "lambda" <br>  "tags_filter" = "" <br> }</pre>                                                                                                                                                                                                                                                   |    no    |
 | <a name="input_aws_account_alias"></a> [aws\_account\_alias](#input\_aws\_account\_alias) | Provide the Name/Alias for the AWS environment from which you are collecting data. This name will appear in the Sumo Logic Explorer View, metrics, and logs.<br>            Please leave this blank if you are going to deploy the solution in multiple AWS accounts.<br>            Do not include special characters in the alias. | `string` | n/a | yes |
 | <a name="input_classic_lb_log_source_url"></a> [classic\_lb\_log\_source\_url](#input\_classic\_lb\_log\_source\_url) | Required if you are already collecting Classic LB logs. Provide the existing Sumo Logic Classic LB Source API URL. The account, accountid, and region fields will be added to the Source. For information on how to determine the URL, see [View or Download Source JSON Configuration](https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration). | `string` | `""` | no |
 | <a name="input_classic_lb_source_details"></a> [classic\_lb\_source\_details](#input\_classic\_lb\_source\_details) | Provide details for the Sumo Logic Classic Load Balancer source. If not provided, then defaults will be used.<br>            To enable collection of classic load balancer logs, set collect\_classic\_lb\_logs to true and provide configuration information for the bucket.<br>            If create\_bucket is false, provide a name of an existing S3 bucket where you would like to store loadbalancer logs. If this is empty, a new bucket will be created in the region.<br>            If create\_bucket is true, the script creates a bucket, the name of the bucket has to be unique; this is achieved internally by generating a random-id and then post-fixing it to the “aws-observability-” string.<br>            path\_expression - This is required in case the above existing bucket is already configured to receive Classic LB access logs. If this is blank, Sumo Logic will store logs in the path expression: *classicloadbalancing/AWSLogs/*/elasticloadbalancing/*/* | <pre>object({<br>    source_name     = string<br>    source_category = string<br>    description     = string<br>    bucket_details = object({<br>      create_bucket        = bool<br>      bucket_name          = string<br>      path_expression      = string<br>      force_destroy_bucket = bool<br>    })<br>    fields = map(string)<br>  })</pre> | <pre>{<br>  "bucket_details": {<br>    "bucket_name": "aws-observability-random-id",<br>    "create_bucket": true,<br>    "force_destroy_bucket": true,<br>    "path_expression": "*classicloadbalancing/AWSLogs/<ACCOUNT-ID>/elasticloadbalancing/<REGION-NAME>/*"<br>  },<br>  "description": "This source is created using Sumo Logic terraform AWS Observability module to collect AWS Classic LoadBalancer logs.",<br>  "fields": {},<br>  "source_category": "aws/observability/clb/logs",<br>  "source_name": "Classic lb Logs (Region)"<br>}</pre> | no |

diff --git a/aws-observability-terraform/source-module/main.tf b/aws-observability-terraform/source-module/main.tf
@@ -233,6 +233,7 @@ module "cloudwatch_logs_lambda_log_forwarder_module" {
   app_semantic_version = "1.0.14"
   auto_enable_logs_subscription_options = {
     filter = var.auto_enable_logs_subscription_options.filter
+    tags_filter = var.auto_enable_logs_subscription_options.tags_filter
   }
 }
 
@@ -262,6 +263,7 @@ module "kinesis_firehose_for_logs_module" {
   app_semantic_version = "1.0.14"
   auto_enable_logs_subscription_options = {
     filter = var.auto_enable_logs_subscription_options.filter
+    tags_filter = var.auto_enable_logs_subscription_options.tags_filter
   }
 }
 

diff --git a/aws-observability-terraform/source-module/variables.tf b/aws-observability-terraform/source-module/variables.tf
@@ -499,12 +499,18 @@ variable "auto_enable_logs_subscription" {
 variable "auto_enable_logs_subscription_options" {
   type = object({
     filter = string
+    tags_filter = string
   })
+
   description = <<EOT
-		    filter - Enter regex for matching CloudWatch Log groups name. Regex will check for the Log groups name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters
-	    EOT
+		filter - Enter regex for matching logGroups. Regex will check for the name.
+        tags_filter - Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed.
+        Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters
+	EOT
+
   default = {
     filter = "apigateway|lambda|rds"
+    tags_filter = ""
   }
 }