From 503f29977425481aabb4cc31a170260ae33950b7 Mon Sep 17 00:00:00 2001 From: Manu Chandrasekhar Date: Tue, 10 Sep 2024 18:13:52 -0400 Subject: [PATCH] docs: added example for awscc_logs_log_anomaly_detector --- docs/resources/logs_log_anomaly_detector.md | 85 ++++++++++++++++++- .../logs_log_anomaly_detector.tf | 75 ++++++++++++++++ .../logs_log_anomaly_detector.md.tmpl | 29 +++++++ 3 files changed, 187 insertions(+), 2 deletions(-) create mode 100644 examples/resources/awscc_logs_log_anomaly_detector/logs_log_anomaly_detector.tf create mode 100644 templates/resources/logs_log_anomaly_detector.md.tmpl diff --git a/docs/resources/logs_log_anomaly_detector.md b/docs/resources/logs_log_anomaly_detector.md index ce1c104ce..8b0689961 100644 --- a/docs/resources/logs_log_anomaly_detector.md +++ b/docs/resources/logs_log_anomaly_detector.md @@ -1,5 +1,4 @@ --- -# generated by https://github.com/hashicorp/terraform-plugin-docs page_title: "awscc_logs_log_anomaly_detector Resource - terraform-provider-awscc" subcategory: "" description: |- @@ -10,7 +9,89 @@ description: |- The AWS::Logs::LogAnomalyDetector resource specifies a CloudWatch Logs LogAnomalyDetector. +## Example Usage +### Basic example + +Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs. + +```terraform +resource "awscc_logs_log_anomaly_detector" "example" { + account_id = data.aws_caller_identity.current.account_id + anomaly_visibility_time = 30 + detector_name = "example" + evaluation_frequency = "ONE_HOUR" + filter_pattern = "%AUTHORIZED%" + log_group_arn_list = ["arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:${awscc_logs_log_group.example.id}"] + kms_key_id = awscc_kms_key.example.arn +} + +resource "awscc_logs_log_group" "example" { + log_group_name = "example" + retention_in_days = 7 +} + +resource "awscc_kms_key" "example" { + description = "KMS Key for log anomaly detector" + key_policy = jsonencode({ + "Version" : "2012-10-17", + "Id" : "KMS-Key-Policy-For-Root", + "Statement" : [ + { + "Sid" : "Enable IAM User Permissions", + "Effect" : "Allow", + "Principal" : { + "AWS" : "arn:${data.aws_partition.current.name}:iam::${data.aws_caller_identity.current.account_id}:root" + }, + "Action" : "kms:*", + "Resource" : "*" + }, + { + "Effect" : "Allow", + "Principal" : { + "Service" : "logs.${data.aws_region.current.name}.amazonaws.com" + }, + "Action" : [ + "kms:Encrypt", + "kms:Decrypt", + "kms:GenerateDataKey*", + "kms:DescribeKey" + ], + "Resource" : "*", + "Condition" : { + "ArnLike" : { + "kms:EncryptionContext:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*" + } + } + }, + { + "Effect" : "Allow", + "Principal" : { + "Service" : "logs.${data.aws_region.current.name}.amazonaws.com" + }, + "Action" : [ + "kms:Encrypt", + "kms:Decrypt", + "kms:ReEncrypt*", + "kms:GenerateDataKey*", + "kms:DescribeKey" + ], + "Resource" : "*", + "Condition" : { + "ArnLike" : { + "kms:EncryptionContext:aws-crypto-ec:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*" + } + } + } + ], + } + ) +} + +data "aws_caller_identity" "current" {} +data "aws_region" "current" {} +data "aws_partition" "current" {} +``` ## Schema @@ -39,4 +120,4 @@ Import is supported using the following syntax: ```shell $ terraform import awscc_logs_log_anomaly_detector.example "anomaly_detector_arn" -``` +``` \ No newline at end of file diff --git a/examples/resources/awscc_logs_log_anomaly_detector/logs_log_anomaly_detector.tf b/examples/resources/awscc_logs_log_anomaly_detector/logs_log_anomaly_detector.tf new file mode 100644 index 000000000..fa7734e7b --- /dev/null +++ b/examples/resources/awscc_logs_log_anomaly_detector/logs_log_anomaly_detector.tf @@ -0,0 +1,75 @@ +resource "awscc_logs_log_anomaly_detector" "example" { + account_id = data.aws_caller_identity.current.account_id + anomaly_visibility_time = 30 + detector_name = "example" + evaluation_frequency = "ONE_HOUR" + filter_pattern = "%AUTHORIZED%" + log_group_arn_list = ["arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:${awscc_logs_log_group.example.id}"] + kms_key_id = awscc_kms_key.example.arn +} + +resource "awscc_logs_log_group" "example" { + log_group_name = "example" + retention_in_days = 7 +} + +resource "awscc_kms_key" "example" { + description = "KMS Key for log anomaly detector" + key_policy = jsonencode({ + "Version" : "2012-10-17", + "Id" : "KMS-Key-Policy-For-Root", + "Statement" : [ + { + "Sid" : "Enable IAM User Permissions", + "Effect" : "Allow", + "Principal" : { + "AWS" : "arn:${data.aws_partition.current.name}:iam::${data.aws_caller_identity.current.account_id}:root" + }, + "Action" : "kms:*", + "Resource" : "*" + }, + { + "Effect" : "Allow", + "Principal" : { + "Service" : "logs.${data.aws_region.current.name}.amazonaws.com" + }, + "Action" : [ + "kms:Encrypt", + "kms:Decrypt", + "kms:GenerateDataKey*", + "kms:DescribeKey" + ], + "Resource" : "*", + "Condition" : { + "ArnLike" : { + "kms:EncryptionContext:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*" + } + } + }, + { + "Effect" : "Allow", + "Principal" : { + "Service" : "logs.${data.aws_region.current.name}.amazonaws.com" + }, + "Action" : [ + "kms:Encrypt", + "kms:Decrypt", + "kms:ReEncrypt*", + "kms:GenerateDataKey*", + "kms:DescribeKey" + ], + "Resource" : "*", + "Condition" : { + "ArnLike" : { + "kms:EncryptionContext:aws-crypto-ec:aws:logs:arn" : "arn:${data.aws_partition.current.name}:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*" + } + } + } + ], + } + ) +} + +data "aws_caller_identity" "current" {} +data "aws_region" "current" {} +data "aws_partition" "current" {} \ No newline at end of file diff --git a/templates/resources/logs_log_anomaly_detector.md.tmpl b/templates/resources/logs_log_anomaly_detector.md.tmpl new file mode 100644 index 000000000..d5a7f0a87 --- /dev/null +++ b/templates/resources/logs_log_anomaly_detector.md.tmpl @@ -0,0 +1,29 @@ +--- +page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" +subcategory: "" +description: |- +{{ .Description | plainmarkdown | trimspace | prefixlines " " }} +--- + +# {{.Name}} ({{.Type}}) + +{{ .Description | trimspace }} + +## Example Usage + +### Basic example + +Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs. + +{{ tffile (printf "examples/resources/%s/logs_log_anomaly_detector.tf" .Name)}} + +{{ .SchemaMarkdown | trimspace }} +{{- if .HasImport }} + +## Import + +Import is supported using the following syntax: + +{{ codefile "shell" .ImportFile }} + +{{- end }} \ No newline at end of file