AWSO v2.9.0 telemetry changes #191

Merged
merged 3 commits into from
Jul 1, 2024
2 changes: 1 addition & 1 deletion aws-observability/scripts/YamlToS3.sh
Expand Up @@ -50,7 +50,7 @@ fi
# Upload all templates to sumologic-appdev-aws-sam-apps bucket with version information.
if [[ ${AWS_PROFILE} == 'default' ]]
then
export version=v2.8.0
export version=v2.9.0

aws s3 cp apps/ s3://${bucket_name}/aws-observability-versions/${version}/ --recursive --include "*.template.yaml" --exclude '*.zip' --exclude '*.sh' --exclude 'apps/*/test/*' --exclude '*/test/*' --acl public-read --profile ${AWS_PROFILE}
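Review bot: the release string on `export version=v2.9.0` is a hand-edited literal, and the same value is repeated as `solutionVersion: 'v2.9.0'` in the master template in this PR, so the two can drift on the next bump. Consider taking both from one place, for example the version that the template already reads with `!FindInMap [CommonData, NestedTemplate, Version]`. Because the copy that follows runs with `--acl public-read`, a mistyped value here publishes the templates under the wrong public prefix; a format check on `version` before the `aws s3 cp` would catch that cheaply.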

Expand Up @@ -12,6 +12,7 @@
- Section1cSumoLogicAccessKey
- Section1dSumoLogicOrganizationId
- Section1eSumoLogicResourceRemoveOnDeleteStack
- Section1fSumoLogicSendTelemetry

- Label:
default: "2. AWS Account Alias"
Expand Down Expand Up @@ -87,6 +88,8 @@
default: "Sumo Logic Organization Id"
Section1eSumoLogicResourceRemoveOnDeleteStack:
default: "Delete Sumo Logic Resources when stack is deleted"
Section1fSumoLogicSendTelemetry:
default: "Send telemetry to Sumo Logic"

Section2aAccountAlias:
default: "Alias for AWS Account Identification. Please leave this blank if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts."
Expand Down Expand Up @@ -189,6 +192,13 @@
Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True.
Deletes the resources created by the stack. Deletion of updated resources will be skipped."
Type: String
Section1fSumoLogicSendTelemetry:
AllowedValues:
- true
- false
Default: true
Description: "To send telemetry to Sumo Logic, set this parameter to True. Default is True."
Type: String

Section2aAccountAlias:
Type: String
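Review bot: `Default: true` on `Section1fSumoLogicSendTelemetry` makes telemetry opt-out, and the Description does not say what is sent. From the `Primerinvoke` resource later in this file, the function receives at least `stackID`, `sumoOrgId`, `sumoDeployment` and the `ToUpdate` blob built from the other stack parameters. Please list those fields in the Description (or link to a document that does) so an operator can make the choice at deploy time, and consider whether the default should be `false` for accounts that must approve outbound data flows.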
Expand Down Expand Up @@ -457,6 +467,9 @@
# Condition for Stacks creation. Calling Nested Stack EveryTime to create FER and Metric Rule. If already present, marked as duplicate in Resource.
install_overview_dashboards: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ]

# Condition for sending solution telemetry to sumo logic.
send_telemetry_to_sumo: !Equals [ !Ref Section1fSumoLogicSendTelemetry, 'true' ]

Mappings:
CommonData:
NestedTemplate:
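Review bot: `!Equals [ !Ref Section1fSumoLogicSendTelemetry, 'true' ]` is a case-sensitive comparison against the string `'true'`, while the parameter declares `AllowedValues` and `Default` as unquoted YAML `true`/`false` and its Description tells users to set "True". Quote the values as `'true'` and `'false'` in the parameter definition and use the same casing in the Description, so that what the user is told to enter, what validation accepts and what this condition tests are the same string.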
Expand All @@ -472,8 +485,171 @@
InventorySourceCategory: "aws/observability/inventory"
XraySourceCategory: "aws/observability/xray"
ELBLogsSourceCategory: "aws/observability/clb/logs"
RegionMap:
us-east-1:
bucketname: appdevzipfiles-us-east-1
us-east-2:
bucketname: appdevzipfiles-us-east-2
us-west-1:
bucketname: appdevzipfiles-us-west-1
us-west-2:
bucketname: appdevzipfiles-us-west-2
ap-south-1:
bucketname: appdevzipfiles-ap-south-1
ap-northeast-2:
bucketname: appdevzipfiles-ap-northeast-2
ap-southeast-1:
bucketname: appdevzipfiles-ap-southeast-1
ap-southeast-2:
bucketname: appdevzipfiles-ap-southeast-2
ap-northeast-1:
bucketname: appdevzipfiles-ap-northeast-1
ca-central-1:
bucketname: appdevzipfiles-ca-central-1
eu-central-1:
bucketname: appdevzipfiles-eu-central-1
eu-west-1:
bucketname: appdevzipfiles-eu-west-1
eu-west-2:
bucketname: appdevzipfiles-eu-west-2
eu-west-3:
bucketname: appdevzipfiles-eu-west-3
eu-north-1:
bucketname: appdevzipfiles-eu-north-1s
sa-east-1:
bucketname: appdevzipfiles-sa-east-1
ap-east-1:
bucketname: appdevzipfiles-ap-east-1s
af-south-1:
bucketname: appdevzipfiles-af-south-1s
eu-south-1:
bucketname: appdevzipfiles-eu-south-1
me-south-1:
bucketname: appdevzipfiles-me-south-1s
me-central-1:
bucketname: appdevzipfiles-me-central-1
eu-central-2:
bucketname: appdevzipfiles-eu-central-2ss
ap-northeast-3:
bucketname: appdevzipfiles-ap-northeast-3s
ap-southeast-3:
bucketname: appdevzipfiles-ap-southeast-3

Resources:
LambdaRole:

Check warning on line 539 in aws-observability/templates/sumologic_observability.master.template.yaml

GitHub Actions / Validatation (cfn-lint)

W3011 Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/LambdaRole from deletion
Condition: send_telemetry_to_sumo
Type: AWS::IAM::Role
DeletionPolicy: Retain
Metadata:
cfn_nag:
rules_to_suppress:
- id: W11
reason: "Operations are performed across resources."
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
Path: /
Policies:
- PolicyName: LambdaExecutePolicies
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- lambda:InvokeFunction
- lambda:DeleteFunction
Resource: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:*TelemetryLambda*'
- PolicyName: BasicLambdaPolicies
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
Resource: "*"
- PolicyName: CloudFormationRead
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- cloudformation:Describe*
Resource: !Sub '${AWS::StackId}'

TelemetryLambda:

Check warning on line 586 in aws-observability/templates/sumologic_observability.master.template.yaml

GitHub Actions / Validatation (cfn-lint)

W3011 Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/TelemetryLambda from deletion
Condition: send_telemetry_to_sumo
Type: AWS::Lambda::Function
DeletionPolicy: Retain
Properties:
Handler: lambda_function.lambda_handler
Runtime: python3.12
Code:
S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ]
S3Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.0.0.zip"
MemorySize: 128
Timeout: 900
Role: !GetAtt LambdaRole.Arn

LambdaPermission:
Condition: send_telemetry_to_sumo
Type: 'AWS::Lambda::Permission'
# DeletionPolicy: Retain
Properties:
FunctionName: !GetAtt TelemetryLambda.Arn
Action: 'lambda:InvokeFunction'
Principal: 'cloudformation.amazonaws.com'

Primerinvoke:
Condition: send_telemetry_to_sumo
Type: AWS::CloudFormation::CustomResource
Version: "1.0"
Properties:
ServiceToken: !GetAtt TelemetryLambda.Arn
Handler: lambda_function.lambda_handler
stackID:
Ref: "AWS::StackId"
sumoDeployment:
!Ref Section1aSumoLogicDeployment
sumoOrgId:
!Ref Section1dSumoLogicOrganizationId
solutionName: 'AWSO'
solutionVersion: 'v2.9.0'
deploymentSource: 'cloudFormation'
TelemetryEndpoint: ""
scanInterval: 60
ToUpdate:
Fn::Base64: !Sub
- "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}"
- a: !Ref Section2aAccountAlias
b: !Ref Section3aInstallObservabilityApps
c: !Ref Section4aCreateMetricsSourceOptions
d: !Ref Section4bMetricsNameSpaces
e: !Ref Section4cCloudWatchExistingSourceAPIUrl
f: !Ref Section5aAutoEnableS3LogsALBResourcesOptions
g: !Ref Section5bALBCreateLogSource
h: !Ref Section5cALBLogsSourceUrl
i: !Ref Section5dALBS3LogsBucketName
j: !Ref Section6aCreateCloudTrailLogSource
k: !Ref Section6bCloudTrailLogsSourceUrl
l: !Ref Section6cCloudTrailLogsBucketName
m: !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions
n: !Ref Section7bLambdaCloudWatchLogsSourceUrl
o: !Ref Section7cAutoSubscribeLogGroupsOptions
p: !Ref Section7dAutoSubscribeLogGroupPattern
q: !Ref Section9aAutoEnableS3LogsELBResourcesOptions
r: !Ref Section9bELBCreateLogSource
s: !Ref Section9cELBLogsSourceUrl
t: !Ref Section9dELBS3LogsBucketName
u: !Ref Section10aAppInstallLocation
v: !FindInMap [CommonData, NestedTemplate, Version]

CreateCommonResources:
Type: AWS::CloudFormation::Stack
Properties:
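Review bot: in `RegionMap`, several bucket names end in an extra `s` or `ss` (`appdevzipfiles-eu-north-1s`, `appdevzipfiles-ap-east-1s`, `appdevzipfiles-af-south-1s`, `appdevzipfiles-me-south-1s`, `appdevzipfiles-eu-central-2ss`, `appdevzipfiles-ap-northeast-3s`), and these names feed `Code.S3Bucket` of `TelemetryLambda`. A wrong name there would make the stack load function code from a bucket the project may not own, so please confirm each one is intentional and say so in a comment next to the map.

Other points in the same hunk. cfn-lint W3011 fires on `LambdaRole` and `TelemetryLambda`: both set `DeletionPolicy: Retain` without `UpdateReplacePolicy`, and `Retain` also means the role and the function stay in the account after the stack is deleted, so state why that is wanted or drop it. `BasicLambdaPolicies` allows the `logs:` actions on `Resource: "*"` with cfn_nag W11 suppressed; this can be scoped to the function's own log group. `LambdaPermission` grants `lambda:InvokeFunction` to `cloudformation.amazonaws.com` with no `SourceAccount` restriction. `Primerinvoke` passes `ToUpdate`, a Base64 encoding of 22 parameter values including the `...SourceUrl` and `...BucketName` parameters, to the telemetry function; Base64 is an encoding, not protection, so if the field exists only to trigger an update when a parameter changes, document that and confirm the function does not forward it. `TelemetryEndpoint: ""` is left empty with no comment on where the data goes by default.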