-
-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathlogging.tf
96 lines (77 loc) · 2.98 KB
/
logging.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# CloudTrail
resource "aws_cloudtrail" "data_refinery_s3_cloudtrail" {
name = "data-refinery-s3-cloudtrail-${var.user}-${var.stage}"
depends_on = [aws_s3_bucket.data_refinery_cloudtrail_logs_bucket, aws_s3_bucket_policy.cloudtrail_access_policy]
s3_bucket_name = aws_s3_bucket.data_refinery_cloudtrail_logs_bucket.id
include_global_service_events = false
event_selector {
read_write_type = "ReadOnly"
include_management_events = false
data_resource {
type = "AWS::S3::Object"
# Make sure to append a trailing '/' to your ARN if you want
# to monitor all objects in a bucket.
# ref https://www.terraform.io/docs/providers/aws/r/cloudtrail.html#logging-individual-s3-bucket-events
values = [
"${aws_s3_bucket.data_refinery_compendia_bucket.arn}/",
"${aws_s3_bucket.data_refinery_transcriptome_index_bucket.arn}/",
"${aws_s3_bucket.data_refinery_qn_target_bucket.arn}/",
]
}
}
tags = var.default_tags
}
# CloudWatch Log Groups and Streams
##
# Groups
##
# This is the group. All of the streams belong to this.
resource "aws_cloudwatch_log_group" "data_refinery_log_group" {
name = "data-refinery-log-group-${var.user}-${var.stage}"
tags = merge(
var.default_tags,
{
Name = "data-refinery-log-group-${var.user}-${var.stage}"
}
)
}
##
# Streams
##
# Workers
resource "aws_cloudwatch_log_stream" "log_stream_surveyor" {
name = "log-stream-surveyor-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
resource "aws_cloudwatch_log_stream" "log_stream_processor" {
name = "log-stream-processor-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
resource "aws_cloudwatch_log_stream" "log_stream_downloader" {
name = "log-stream-downloader-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
# Foreman
resource "aws_cloudwatch_log_stream" "log_stream_foreman" {
name = "log-stream-foreman-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
# API
resource "aws_cloudwatch_log_stream" "log_stream_api" {
name = "log-stream-api-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
resource "aws_cloudwatch_log_stream" "log_stream_api_nginx_access" {
name = "log-stream-api-nginx-access-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
resource "aws_cloudwatch_log_stream" "log_stream_api_nginx_error" {
name = "log-stream-api-nginx-error-${var.user}-${var.stage}"
log_group_name = aws_cloudwatch_log_group.data_refinery_log_group.name
}
# Cloudtrail Logs
# Must start with `/aws/events` in order to connect to a cloudwatch_event_target.
resource "aws_cloudwatch_log_group" "compendia_object_metrics_log_group" {
name = "/aws/events/data-refinery-compendia-log-group-${var.user}-${var.stage}"
tags = var.default_tags
}