Create SSM parameter for the SNS receiving WAF logs

thoughtbot · Mar 28, 2024 · ccfdb9c · ccfdb9c
1 parent 99d23c9
commit ccfdb9c
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/aws/waf/main.tf b/aws/waf/main.tf
@@ -217,3 +217,10 @@ module "cloudwatch_log_extract" {
 resource "aws_sns_topic" "waf_logs_sns_subscription" {
   name = "${aws_wafv2_web_acl.main.id}-waf-logs-topic"
 }
+
+resource "aws_ssm_parameter" "aws_waf_acl" {
+  name        = "/aws-waf/sns/${var.name}"
+  description = "Name of the SNS for the AWS WAF logs - ${var.name}"
+  type        = "SecureString"
+  value       = "${aws_wafv2_web_acl.main.id}-waf-logs-topic"
+}