-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudwatch.tf
22 lines (20 loc) · 985 Bytes
/
cloudwatch.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
resource "aws_cloudwatch_event_rule" "cloudwatch_exporter" {
count = var.lambda_schedule ? 1 : 0
name = "cloudwatch-event-rule-lambda-securityhub-exporter"
description = "Triggers the security hub exporter lambda"
schedule_expression = "cron(0 3 * * ? *)" // Each day at 3pm
}
resource "aws_cloudwatch_event_target" "cloudwatch_exporter_target" {
count = var.lambda_schedule ? 1 : 0
rule = aws_cloudwatch_event_rule.cloudwatch_exporter[0].name
target_id = "lambda"
arn = aws_lambda_function.securityhub_exporter.function_name
}
resource "aws_lambda_permission" "allow_cloudwatch_exporter" {
count = var.lambda_schedule ? 1 : 0
statement_id = "AllowExecutionFromCloudWatch"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.securityhub_exporter.function_name
principal = "events.amazonaws.com"
source_arn = aws_cloudwatch_event_rule.cloudwatch_exporter[0].arn
}