terraform-ibm-modules · jor2 · Oct 10, 2024 · Oct 10, 2024 · Oct 10, 2024 · Oct 14, 2024
@@ -142,12 +142,17 @@ locals {
   parsed_log_metrics_bucket_name         = var.existing_cloud_logs_metrics_bucket_crn != null ? split(":", var.existing_cloud_logs_metrics_bucket_crn) : []
   existing_cloud_log_metrics_bucket_name = length(local.parsed_log_metrics_bucket_name) > 0 ? local.parsed_log_metrics_bucket_name[1] : null
 
+  # Event Notifications
+  parsed_existing_en_instance_crn = var.existing_en_instance_crn != null ? split(":", var.existing_en_instance_crn) : []
+  existing_en_guid                = length(local.parsed_existing_en_instance_crn) > 0 ? local.parsed_existing_en_instance_crn[7] : null
   # https://github.ibm.com/GoldenEye/issues/issues/10928#issuecomment-93550079
   cloud_logs_existing_en_instances = concat(var.cloud_logs_existing_en_instances, var.existing_en_instance_crn != null ? [{
     instance_crn        = var.existing_en_instance_crn
     integration_name    = var.en_integration_name
     skip_en_auth_policy = var.skip_en_auth_policy
   }] : [])
+  en_topic              = var.prefix != null ? "${var.prefix} - Cloud Logs Topic" : "Cloud Logs Topic"
+  en_subscription_email = var.prefix != null ? "${var.prefix} - Email for Cloud Logs Subscription" : "Email for Cloud Logs Subscription"
 }
 
 #######################################################################################################################
@@ -499,3 +504,50 @@ module "cos_bucket" {
     }
   ]
 }
+
+#######################################################################################################################
+# Cloud Logs - Event Notifications Configuration
+#######################################################################################################################
+
+data "ibm_en_destinations" "en_destinations" {
+  count         = var.existing_en_instance_crn != null ? 1 : 0
+  instance_guid = local.existing_en_guid
+}
+
+# workaround for https://github.com/IBM-Cloud/terraform-provider-ibm/issues/5533.
+resource "time_sleep" "wait_for_observability" {
+  depends_on = [module.observability_instance]
+
+  create_duration = "60s"
+}
+
+resource "ibm_en_topic" "en_topic" {
+  count         = var.existing_en_instance_crn != null && var.cloud_logs_provision == true ? 1 : 0
-  count         = var.existing_en_instance_crn != null && var.cloud_logs_provision == true ? 1 : 0
+  count         = var.existing_en_instance_crn != null && var.cloud_logs_provision ? 1 : 0
-  count         = var.existing_en_instance_crn != null && var.cloud_logs_provision == true ? 1 : 0
+  count         = var.existing_en_instance_crn != null && var.cloud_logs_provision ? 1 : 0
+  depends_on    = [time_sleep.wait_for_observability]
+  instance_guid = local.existing_en_guid
+  name          = local.en_topic
+  description   = "Topic for Cloud Logs events routing"
+  sources {
+    id = module.observability_instance.cloud_logs_crn
+    rules {
+      enabled           = true
+      event_type_filter = "$.*"
+    }
+  }
+}
+
+resource "ibm_en_subscription_email" "email_subscription" {
+  count          = var.existing_en_instance_crn != null && var.cloud_logs_provision == null && length(var.cloud_logs_en_email_list) > 0 ? 1 : 0
-  count          = var.existing_en_instance_crn != null && var.cloud_logs_provision == null && length(var.cloud_logs_en_email_list) > 0 ? 1 : 0
+  count          = var.existing_en_instance_crn != null && var.cloud_logs_provision && length(var.cloud_logs_en_email_list) > 0 ? 1 : 0
-  count          = var.existing_en_instance_crn != null && var.cloud_logs_provision == null && length(var.cloud_logs_en_email_list) > 0 ? 1 : 0
+  count          = var.existing_en_instance_crn != null && var.cloud_logs_provision && length(var.cloud_logs_en_email_list) > 0 ? 1 : 0
+  instance_guid  = local.existing_en_guid
+  name           = local.en_subscription_email
+  description    = "Subscription for Cloud Logs Events"
+  destination_id = [for s in toset(data.ibm_en_destinations.en_destinations[count.index].destinations) : s.id if s.type == "smtp_ibm"][0]
+  topic_id       = ibm_en_topic.en_topic[count.index].topic_id
+  attributes {
+    add_notification_payload = true
+    reply_to_mail            = var.cloud_logs_en_reply_to_email
+    reply_to_name            = "Cloud Logs Event Notifications Bot"
+    from_name                = var.cloud_logs_en_from_email
+    invited                  = var.cloud_logs_en_email_list
+  }
+}
@@ -106,6 +106,10 @@ variable "cloud_logs_existing_en_instances" {
   default = []
 }
 
+########################################################################################################################
+# EN Configuration variables
+########################################################################################################################
+
 variable "existing_en_instance_crn" {
   type        = string
   description = "The CRN of the existing event notification instance. This variable is intended for integrating a single Event Notifications instance to Cloud Logs. If you need to integrate multiple instances, use the `cloud_logs_existing_en_instances` variable instead."
@@ -124,6 +128,24 @@ variable "skip_en_auth_policy" {
   default     = false
 }
 
+variable "cloud_logs_en_from_email" {
+  type        = string
+  description = "The `from` email address used in any Security and Compliance Center events from Event Notifications."
+  default     = "[email protected]"
+}
+
+variable "cloud_logs_en_reply_to_email" {
+  type        = string
+  description = "The `reply_to` email address used in any Security and Compliance Center events from Event Notifications."
+  default     = "[email protected]"
+}
+
+variable "cloud_logs_en_email_list" {
+  type        = list(string)
+  description = "The list of email addresses to notify when Security and Compliance Center triggers an event."
+  default     = []
+}
+
 variable "cloud_logs_retention_period" {
   type        = number
   description = "The number of days IBM Cloud Logs will retain the logs data in priority insights. Possible Values: 7, 14, 30, 60, 90"