CA-132 - Fix ES log group implementation (#22)

* Updates version to merge new release.

* Adds new empty line.

* Updates changelog.

* Accomodates examples and fixes example errors.

* Runs lint and docs.

Author: fvazquez-caylent

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Tamr Terraform AWS Elasticsearch Repo
 
+## v4.0.0 - November 15th 2021
+* Replaces`logs_retention_in_days` for `log_group_name` variable for cloudwatch-logs module.
+* Replaces the creation of a cloudwatch log group for a data source query to get an existent log group for use.
+
 ## v3.1.0 - November 15th 2021
 * Adds variables `logs_retention_in_days` and `log_types` that enables the publishing of ElasticSearch Logs into CloudWatch
 

README.md

@@ -36,7 +36,7 @@ This module creates:
 | Name | Version |
 |------|---------|
 | terraform | >= 0.13 |
-| aws | >= 3.36.0 |
+| aws | >= 3.36.0, < 4.0.0 |
 
 ## Providers
 

VERSION

@@ -1 +1 @@
-3.1.0
+4.0.0

examples/logs/README.md

@@ -13,7 +13,10 @@ No requirements.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| ingress\_cidr\_blocks | n/a | `list(string)` | n/a | yes |
 | name-prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes |
+| subnet\_cidr | n/a | `string` | n/a | yes |
+| vpc\_cidr | n/a | `string` | n/a | yes |
 | create\_new\_service\_role | Whether to create a new IAM service linked role for ES. This only needs to happen once per account. If false, linked\_service\_role is required | `bool` | `false` | no |
 | log\_retention\_in\_days | Specifies the number of days you want to retain log events.<br>  Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0.<br>  If you select 0, the events in the log group are always retained and never expire. | `number` | `0` | no |
 | log\_types | A list of log types that will be published to CloudWatch. Valid values are SEARCH\_SLOW\_LOGS, INDEX\_SLOW\_LOGS, ES\_APPLICATION\_LOGS and AUDIT\_LOGS. | `list(string)` | <pre>[<br>  "ES_APPLICATION_LOGS",<br>  "SEARCH_SLOW_LOGS",<br>  "INDEX_SLOW_LOGS"<br>]</pre> | no |

examples/logs/main.tf

@@ -14,7 +14,6 @@ module "sg-ports" {
   source = "../../modules/es-ports"
 }
 
-
 module "aws-sg" {
   source              = "git::[email protected]:Datatamer/terraform-aws-security-groups.git?ref=0.1.0"
   vpc_id              = aws_vpc.es_vpc.id
@@ -33,7 +32,10 @@ resource "aws_iam_service_linked_role" "es" {
 }
 
 module "tamr-es-cluster" {
-  depends_on         = [aws_iam_service_linked_role.es]
+  depends_on = [
+    aws_iam_service_linked_role.es,
+    aws_cloudwatch_log_group.es-logs
+  ]
   source             = "../../"
   vpc_id             = aws_vpc.es_vpc.id
   domain_name        = format("%s-elasticsearch", var.name-prefix)
@@ -46,7 +48,7 @@ module "tamr-es-cluster" {
 
 #tfsec:ignore:aws-cloudwatch-log-group-customer-key
 resource "aws_cloudwatch_log_group" "es-logs" {
-  name_prefix = format("%s-%s", var.name-prefix, "example-logs")
+  name = format("%s-%s", var.name-prefix, "example-logs")
 
   retention_in_days = var.log_retention_in_days
   tags              = var.tags

examples/logs/variables.tf

@@ -32,3 +32,15 @@ variable "log_retention_in_days" {
   EOF
   default     = 0
 }
+
+variable "vpc_cidr" {
+  type = string
+}
+
+variable "subnet_cidr" {
+  type = string
+}
+
+variable "ingress_cidr_blocks" {
+  type = list(string)
+}

main.tf

@@ -22,14 +22,14 @@ module "tamr-es-cluster" {
   tls_security_policy             = var.tls_security_policy
   node_to_node_encryption_enabled = var.node_to_node_encryption_enabled
   arn_partition                   = var.arn_partition
-  log_publishing_options          = module.tamr-es-coudwatch-log-groups.log_publishing_options
+  log_publishing_options          = module.tamr-es-cloudwatch-log-groups.log_publishing_options
 
   depends_on = [
-    module.tamr-es-coudwatch-log-groups
+    module.tamr-es-cloudwatch-log-groups
   ]
 }
 
-module "tamr-es-coudwatch-log-groups" {
+module "tamr-es-cloudwatch-log-groups" {
   source = "./modules/cloudwatch-logs"
 
   domain_name    = var.domain_name

versions.tf

@@ -1,6 +1,6 @@
 terraform {
   required_version = ">= 0.13"
   required_providers {
-    aws = ">= 3.36.0"
+    aws = ">= 3.36.0, < 4.0.0"
   }
 }