Merge pull request #1992 from quixoticmonk/d-improve-awscc_logs_log_a…
…nomaly_detector

docs: added example for awscc_logs_log_anomaly_detector
ewbankkit authored Dec 30, 2024
2 parents 874aa52 + 503f299 commit d50b978
Showing 3 changed files with 187 additions and 2 deletions.
85 changes: 83 additions & 2 deletions docs/resources/logs_log_anomaly_detector.md
@@ -1,5 +1,4 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "awscc_logs_log_anomaly_detector Resource - terraform-provider-awscc"
subcategory: ""
description: |-
@@ -10,7 +9,89 @@ description: |-

The AWS::Logs::LogAnomalyDetector resource specifies a CloudWatch Logs LogAnomalyDetector.

## Example Usage

### Basic example

Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs.

```terraform
resource "awscc_logs_log_anomaly_detector" "example" {
account_id = data.aws_caller_identity.current.account_id
anomaly_visibility_time = 30
detector_name = "example"
evaluation_frequency = "ONE_HOUR"
filter_pattern = "%AUTHORIZED%"
log_group_arn_list = ["arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:${awscc_logs_log_group.example.id}"]
kms_key_id = awscc_kms_key.example.arn
}
resource "awscc_logs_log_group" "example" {
log_group_name = "example"
retention_in_days = 7
}
resource "awscc_kms_key" "example" {
description = "KMS Key for log anomaly detector"
key_policy = jsonencode({
"Version" : "2012-10-17",
"Id" : "KMS-Key-Policy-For-Root",
"Statement" : [
{
"Sid" : "Enable IAM User Permissions",
"Effect" : "Allow",
"Principal" : {
"AWS" : "arn:${data.aws_partition.current.name}:iam::${data.aws_caller_identity.current.account_id}:root"
},
"Action" : "kms:*",
"Resource" : "*"
},
{
"Effect" : "Allow",
"Principal" : {
"Service" : "logs.${data.aws_region.current.name}.amazonaws.com"
},
"Action" : [
"kms:Encrypt",
"kms:Decrypt",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource" : "*",
"Condition" : {
"ArnLike" : {
"kms:EncryptionContext:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
}
}
},
{
"Effect" : "Allow",
"Principal" : {
"Service" : "logs.${data.aws_region.current.name}.amazonaws.com"
},
"Action" : [
"kms:Encrypt",
"kms:Decrypt",
"kms:ReEncrypt*",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource" : "*",
"Condition" : {
"ArnLike" : {
"kms:EncryptionContext:aws-crypto-ec:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
}
}
}
],
}
)
}
data "aws_caller_identity" "current" {}
data "aws_region" "current" {}
data "aws_partition" "current" {}
```

<!-- schema generated by tfplugindocs -->
## Schema
@@ -39,4 +120,4 @@ Import is supported using the following syntax:

```shell
$ terraform import awscc_logs_log_anomaly_detector.example "anomaly_detector_arn"
```
```
@@ -0,0 +1,75 @@
resource "awscc_logs_log_anomaly_detector" "example" {
account_id = data.aws_caller_identity.current.account_id
anomaly_visibility_time = 30
detector_name = "example"
evaluation_frequency = "ONE_HOUR"
filter_pattern = "%AUTHORIZED%"
log_group_arn_list = ["arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:${awscc_logs_log_group.example.id}"]
kms_key_id = awscc_kms_key.example.arn
}

resource "awscc_logs_log_group" "example" {
log_group_name = "example"
retention_in_days = 7
}

resource "awscc_kms_key" "example" {
description = "KMS Key for log anomaly detector"
key_policy = jsonencode({
"Version" : "2012-10-17",
"Id" : "KMS-Key-Policy-For-Root",
"Statement" : [
{
"Sid" : "Enable IAM User Permissions",
"Effect" : "Allow",
"Principal" : {
"AWS" : "arn:${data.aws_partition.current.name}:iam::${data.aws_caller_identity.current.account_id}:root"
},
"Action" : "kms:*",
"Resource" : "*"
},
{
"Effect" : "Allow",
"Principal" : {
"Service" : "logs.${data.aws_region.current.name}.amazonaws.com"
},
"Action" : [
"kms:Encrypt",
"kms:Decrypt",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource" : "*",
"Condition" : {
"ArnLike" : {
"kms:EncryptionContext:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
}
}
},
{
"Effect" : "Allow",
"Principal" : {
"Service" : "logs.${data.aws_region.current.name}.amazonaws.com"
},
"Action" : [
"kms:Encrypt",
"kms:Decrypt",
"kms:ReEncrypt*",
"kms:GenerateDataKey*",
"kms:DescribeKey"
],
"Resource" : "*",
"Condition" : {
"ArnLike" : {
"kms:EncryptionContext:aws-crypto-ec:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
}
}
}
],
}
)
}

data "aws_caller_identity" "current" {}
data "aws_region" "current" {}
data "aws_partition" "current" {}
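Review bot: The `awscc_kms_key.example` resource in this new example file is what readers will copy, and it leaves automatic key rotation off and grants `kms:*` to the account root without saying why. I would add `enable_key_rotation = true` to the resource and a comment above the first statement such as `# Delegates key administration to IAM policies in this account; narrow the principal and actions for production use`. The two `logs.<region>.amazonaws.com` statements are scoped by encryption context to `anomaly-detector:*`, which is good, but `kms:DescribeKey` probably carries no encryption context, so that action may never match the `ArnLike` condition; this is worth confirming against the CloudWatch Logs documentation. Note also that `awscc_logs_log_group.example` sets no `kms_key_id`, so only the detector's data uses this key, not the log group itself.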
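--- a/templates/resources/logs_log_anomaly_detector.md.tmpl
+++ b/templates/resources/logs_log_anomaly_detector.md.tmpl
@@ -0,0 +1,29 @@
+---
+page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}"
+subcategory: ""
+description: |-
+{{ .Description | plainmarkdown | trimspace | prefixlines " " }}
+---
+
+# {{.Name}} ({{.Type}})
+
+{{ .Description | trimspace }}
+
+## Example Usage
+
+### Basic example
+
+Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs.
+
+{{ tffile (printf "examples/resources/%s/logs_log_anomaly_detector.tf" .Name)}}
+
+{{ .SchemaMarkdown | trimspace }}
+{{- if .HasImport }}
+
+## Import
+
+Import is supported using the following syntax:
+
+{{ codefile "shell" .ImportFile }}
+
+{{- end }}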
