From 37701a060872da245fd35117e0fcb88065f24d36 Mon Sep 17 00:00:00 2001 From: Chiaki Sugawara <4737990+ch1aki@users.noreply.github.com> Date: Thu, 29 Aug 2024 07:39:30 +0900 Subject: [PATCH] feat: Add variable for applying tags to the log_forwarder bucket (#41) --- README.md | 1 + examples/complete/main.tf | 1 + main.tf | 1 + modules/log_forwarder/README.md | 1 + modules/log_forwarder/main.tf | 2 +- modules/log_forwarder/variables.tf | 6 ++++++ variables.tf | 6 ++++++ 7 files changed, 17 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7c9dcfc..f0e9930 100644 --- a/README.md +++ b/README.md @@ -131,6 +131,7 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module | [kms\_alias](#input\_kms\_alias) | Alias of KMS key used to encrypt the Datadog API keys - must start with `alias/` | `string` | n/a | yes | | [log\_forwarder\_architectures](#input\_log\_forwarder\_architectures) | Instruction set architecture for your Lambda function. Valid values are `["x86_64"]` and `["arm64"]`. Default is `["x86_64"]` | `list(string)` |
[| no | | [log\_forwarder\_bucket\_prefix](#input\_log\_forwarder\_bucket\_prefix) | S3 object key prefix to prepend to zip archive name | `string` | `""` | no | +| [log\_forwarder\_bucket\_tags](#input\_log\_forwarder\_bucket\_tags) | A map of tags to apply to the log forwarder bucket | `map(any)` | `{}` | no | | [log\_forwarder\_environment\_variables](#input\_log\_forwarder\_environment\_variables) | A map of environment variables for the log forwarder lambda function | `map(string)` | `{}` | no | | [log\_forwarder\_kms\_key\_arn](#input\_log\_forwarder\_kms\_key\_arn) | KMS key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key | `string` | `null` | no | | [log\_forwarder\_lambda\_tags](#input\_log\_forwarder\_lambda\_tags) | A map of tags to apply to the log forwarder lambda function | `map(string)` | `{}` | no | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 97555ca..681a557 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -73,6 +73,7 @@ module "default" { log_forwarder_role_tags = { ForwarderRole = true } log_forwarder_s3_log_bucket_arns = [module.log_bucket_1.s3_bucket_arn, module.log_bucket_2.s3_bucket_arn] log_forwarder_tags = { LogForwarder = true } + log_forwarder_bucket_tags = { ForwarderBucket = true } rds_em_forwarder_name = "complete-datadog-rds-forwarder" rds_em_forwarder_memory_size = 512 diff --git a/main.tf b/main.tf index 5060e3b..649ea2f 100644 --- a/main.tf +++ b/main.tf @@ -31,6 +31,7 @@ module "log_forwarder" { create_bucket = var.create_bucket bucket_name = var.bucket_name bucket_prefix = var.log_forwarder_bucket_prefix + bucket_tags = var.log_forwarder_bucket_tags bucket_attach_deny_insecure_transport_policy = var.bucket_attach_deny_insecure_transport_policy bucket_encryption_settings = var.bucket_encryption_settings diff --git a/modules/log_forwarder/README.md b/modules/log_forwarder/README.md index 5ae4c04..5ac3c79 100644 --- a/modules/log_forwarder/README.md +++ b/modules/log_forwarder/README.md @@ -84,6 +84,7 @@ module "datadog_log_forwarder" { | [bucket\_encryption\_settings](#input\_bucket\_encryption\_settings) | S3 bucket server side encryption settings | `map(string)` |
"x86_64"
]
{| no | | [bucket\_name](#input\_bucket\_name) | Forwarder S3 bucket name | `string` | `""` | no | | [bucket\_prefix](#input\_bucket\_prefix) | S3 object key prefix to prepend to zip archive name | `string` | `""` | no | +| [bucket\_tags](#input\_bucket\_tags) | A map of tags to apply to the bucket | `map(string)` | `{}` | no | | [create](#input\_create) | Controls whether the forwarder resources should be created | `bool` | `true` | no | | [create\_bucket](#input\_create\_bucket) | Controls whether an S3 bucket should be created for the forwarder | `bool` | `true` | no | | [create\_role](#input\_create\_role) | Controls whether an IAM role is created for the forwarder | `bool` | `true` | no | diff --git a/modules/log_forwarder/main.tf b/modules/log_forwarder/main.tf index a3715d6..ea18b9e 100644 --- a/modules/log_forwarder/main.tf +++ b/modules/log_forwarder/main.tf @@ -47,7 +47,7 @@ module "this_s3_bucket" { } } - tags = var.tags + tags = merge(var.tags, var.bucket_tags) } ################################################################################ diff --git a/modules/log_forwarder/variables.tf b/modules/log_forwarder/variables.tf index 095d7cf..c16e9fe 100644 --- a/modules/log_forwarder/variables.tf +++ b/modules/log_forwarder/variables.tf @@ -63,6 +63,12 @@ variable "bucket_prefix" { default = "" } +variable "bucket_tags" { + description = "A map of tags to apply to the bucket" + type = map(string) + default = {} +} + variable "s3_zip_storage_class" { description = "Specifies the desired Storage Class for the zip object. Can be either `STANDARD`, `REDUCED_REDUNDANCY`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, or `STANDARD_IA`" type = string diff --git a/variables.tf b/variables.tf index 314c6ae..66e0e86 100644 --- a/variables.tf +++ b/variables.tf @@ -68,6 +68,12 @@ variable "log_forwarder_bucket_prefix" { default = "" } +variable "log_forwarder_bucket_tags" { + description = "A map of tags to apply to the log forwarder bucket" + type = map(any) + default = {} +} + variable "log_forwarder_s3_zip_storage_class" { description = "Specifies the desired Storage Class for the zip object. Can be either `STANDARD`, `REDUCED_REDUNDANCY`, `ONEZONE_IA`, `INTELLIGENT_TIERING`, or `STANDARD_IA`" type = string
"sse_algorithm": "AES256"
}