empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ac797c8f81
fleet/terraform/addons/logging-alb/.header.md
Robert Fairburn de888d3cb3
Initial Terraform ALB Loggin Module (#10010)
2023-02-22 10:07:12 -06:00

1.4 KiB
Raw Blame History

ALB Logging Addon

This addon creates alb logging bucket(s) in s3 and optionally an athena database for those logs.

Example Configuration

This assumes your fleet module is main and is configured with it's default documentation.

See https://github.com/fleetdm/fleet/blob/main/terraform/example/main.tf for details.

module "main" {
  source          = "github.com/fleetdm/fleet//terraform?ref=main"
  certificate_arn = module.acm.acm_certificate_arn
  vpc = {
    name = random_pet.main.id
  }
  fleet_config = {
    extra_environment_variables = module.firehose-logging.fleet_extra_environment_variables
    extra_iam_policies          = module.firehose-logging.fleet_extra_iam_policies
  }
  alb_config = {
    access_logs = {
      bucket  = module.logging_alb.log_s3_bucket_id
      prefix  = "fleet"
      enabled = true
    }
  }
}

module "logging_alb" {
  source        = "github.com/fleetdm/fleet//terraform/addons/logging-alb?ref=main"
  prefix        = "fleet"
  enable_athena = true
}

Additional Information

Once this terraform is applied, the Athena table will need to be created. See https://docs.aws.amazon.com/athena/latest/ug/application-load-balancer-logs.html for help with creating the table.

For this implementation, the S3 pattern for the CREATE TABLE query should look like this:

s3://your-alb-logs-bucket/<PREFIX>/AWSLogs/<ACCOUNT-ID>/elasticloadbalancing/<REGION>/