diff --git a/README.md b/README.md
index 8311388..8206b51 100644
--- a/README.md
+++ b/README.md
@@ -254,6 +254,23 @@ module "log_account_policy" {
}
```
+### Log Anomaly Detector
+
+```hcl
+module "log_anomaly_detector" {
+ source = "terraform-aws-modules/cloudwatch/aws//modules/log-anomaly-detector"
+ version = "~> 4.0"
+
+ detector_name = "anomaly-detector"
+ log_group_arns = ["arn:aws:logs:eu-west-1:835367859852:log-group:my-log-group"]
+ anomaly_visibility_time = 7
+ enabled = true
+ evaluation_frequency = "FIVE_MIN"
+ filter_pattern = "%test%"
+ kms_key_id = "arn:aws:kms:eu-west-1:835367859852:key/9051f3e7-17b8-4543-8070-50e22599966"
+}
+```
+
## Examples
- [Complete Cloudwatch log metric filter and alarm](https://github.com/terraform-aws-modules/terraform-aws-cloudwatch/tree/master/examples/complete-log-metric-filter-and-alarm)
@@ -267,6 +284,7 @@ module "log_account_policy" {
- [Cloudwatch log subscription filter](https://github.com/terraform-aws-modules/terraform-aws-cloudwatch/tree/master/examples/log-subscription-filter)
- [Cloudwatch log data protection policy](https://github.com/terraform-aws-modules/terraform-aws-cloudwatch/tree/master/examples/log-group-with-data-protection-policy)
- [Cloudwatch Log Account Policy](https://github.com/terraform-aws-modules/terraform-aws-cloudwatch/tree/master/examples/log-account-policy)
+- [Cloudwatch Log Anomaly Detector](https://github.com/terraform-aws-modules/terraform-aws-cloudwatch/tree/master/examples/log-anomaly-detector)
diff --git a/examples/cis-alarms/README.md b/examples/cis-alarms/README.md
index ae18de8..3ba1e50 100644
--- a/examples/cis-alarms/README.md
+++ b/examples/cis-alarms/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/cis-alarms/versions.tf b/examples/cis-alarms/versions.tf
index 2c346da..4969d64 100644
--- a/examples/cis-alarms/versions.tf
+++ b/examples/cis-alarms/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/complete-log-metric-filter-and-alarm/README.md b/examples/complete-log-metric-filter-and-alarm/README.md
index ea455d0..bcd9485 100644
--- a/examples/complete-log-metric-filter-and-alarm/README.md
+++ b/examples/complete-log-metric-filter-and-alarm/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/complete-log-metric-filter-and-alarm/versions.tf b/examples/complete-log-metric-filter-and-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/examples/complete-log-metric-filter-and-alarm/versions.tf
+++ b/examples/complete-log-metric-filter-and-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/composite-alarm/README.md b/examples/composite-alarm/README.md
index 68d0d54..2f02b08 100644
--- a/examples/composite-alarm/README.md
+++ b/examples/composite-alarm/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/composite-alarm/versions.tf b/examples/composite-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/examples/composite-alarm/versions.tf
+++ b/examples/composite-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/fixtures/aws_cloudwatch_log_group/versions.tf b/examples/fixtures/aws_cloudwatch_log_group/versions.tf
index f469629..d241c36 100644
--- a/examples/fixtures/aws_cloudwatch_log_group/versions.tf
+++ b/examples/fixtures/aws_cloudwatch_log_group/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/examples/fixtures/aws_kms_key/versions.tf b/examples/fixtures/aws_kms_key/versions.tf
index f469629..d241c36 100644
--- a/examples/fixtures/aws_kms_key/versions.tf
+++ b/examples/fixtures/aws_kms_key/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/examples/fixtures/aws_lambda_function/versions.tf b/examples/fixtures/aws_lambda_function/versions.tf
index 4e4857d..dcd988d 100644
--- a/examples/fixtures/aws_lambda_function/versions.tf
+++ b/examples/fixtures/aws_lambda_function/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/examples/fixtures/aws_sns_topic/versions.tf b/examples/fixtures/aws_sns_topic/versions.tf
index f469629..d241c36 100644
--- a/examples/fixtures/aws_sns_topic/versions.tf
+++ b/examples/fixtures/aws_sns_topic/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/examples/lambda-metric-alarm/README.md b/examples/lambda-metric-alarm/README.md
index b946752..c1704c8 100644
--- a/examples/lambda-metric-alarm/README.md
+++ b/examples/lambda-metric-alarm/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/lambda-metric-alarm/versions.tf b/examples/lambda-metric-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/examples/lambda-metric-alarm/versions.tf
+++ b/examples/lambda-metric-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/log-account-policy/README.md b/examples/log-account-policy/README.md
index 7fba1f8..26997fb 100644
--- a/examples/log-account-policy/README.md
+++ b/examples/log-account-policy/README.md
@@ -6,14 +6,14 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
| [random](#requirement\_random) | >= 3.5 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
| [random](#provider\_random) | >= 3.5 |
## Modules
diff --git a/examples/log-account-policy/versions.tf b/examples/log-account-policy/versions.tf
index bc79575..d31e0c4 100644
--- a/examples/log-account-policy/versions.tf
+++ b/examples/log-account-policy/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
source = "hashicorp/random"
diff --git a/examples/log-anomaly-detector/README.md b/examples/log-anomaly-detector/README.md
new file mode 100644
index 0000000..b3e1236
--- /dev/null
+++ b/examples/log-anomaly-detector/README.md
@@ -0,0 +1,41 @@
+# Complete Log Anomaly Detector
+
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 5.81 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | >= 5.81 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [kms](#module\_kms) | terraform-aws-modules/kms/aws | ~> 1.0 |
+| [log\_anomaly\_detector](#module\_log\_anomaly\_detector) | ../../modules/log-anomaly-detector | n/a |
+| [log\_group](#module\_log\_group) | ../../modules/log-group | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [cloudwatch\_log\_anomaly\_arn](#output\_cloudwatch\_log\_anomaly\_arn) | The ARN of the anomaly detector. |
+
diff --git a/examples/log-anomaly-detector/main.tf b/examples/log-anomaly-detector/main.tf
new file mode 100644
index 0000000..0884c12
--- /dev/null
+++ b/examples/log-anomaly-detector/main.tf
@@ -0,0 +1,103 @@
+provider "aws" {
+ region = "eu-west-1"
+}
+
+locals {
+ name = "ex-${basename(path.cwd)}"
+}
+
+module "log_group" {
+ source = "../../modules/log-group"
+
+ name = local.name
+ retention_in_days = 7
+ kms_key_id = module.kms.key_arn
+}
+
+module "log_anomaly_detector" {
+ source = "../../modules/log-anomaly-detector"
+
+ detector_name = local.name
+ log_group_arns = [module.log_group.cloudwatch_log_group_arn]
+ anomaly_visibility_time = 7
+ enabled = true
+ evaluation_frequency = "FIVE_MIN"
+ filter_pattern = "%test%"
+ kms_key_id = module.kms.key_arn
+}
+
+################################################################################
+# Supporting Resources
+################################################################################
+
+data "aws_caller_identity" "current" {}
+data "aws_region" "current" {}
+
+module "kms" {
+ source = "terraform-aws-modules/kms/aws"
+ version = "~> 1.0"
+ description = "KMS key for log anomaly detection"
+
+ key_owners = [data.aws_caller_identity.current.arn]
+ key_statements = [
+ {
+ sid = "CloudWatchLogs"
+ actions = [
+ "kms:Encrypt*",
+ "kms:Decrypt*",
+ "kms:ReEncrypt*",
+ "kms:GenerateDataKey*",
+ "kms:Describe*"
+ ]
+ resources = ["*"]
+
+ principals = [
+ {
+ type = "Service"
+ identifiers = ["logs.${data.aws_region.current.name}.amazonaws.com"]
+ }
+ ]
+
+ conditions = [
+ {
+ test = "ArnLike"
+ variable = "kms:EncryptionContext:aws:logs:arn"
+ values = [
+ "arn:aws:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:${local.name}",
+ "arn:aws:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
+ ]
+ }
+ ]
+ },
+ {
+ actions = [
+ "kms:Encrypt*",
+ "kms:Decrypt*",
+ "kms:ReEncrypt*",
+ "kms:GenerateDataKey*",
+ "kms:Describe*"
+ ]
+ resources = ["*"]
+
+ principals = [
+ {
+ type = "Service"
+ identifiers = ["logs.${data.aws_region.current.name}.amazonaws.com"]
+ }
+ ]
+
+ conditions = [
+ {
+ test = "ArnLike"
+ variable = "kms:EncryptionContext:aws-crypto-ec:aws:logs:arn"
+ values = [
+ "arn:aws:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:anomaly-detector:*"
+ ]
+ }
+ ]
+ }
+ ]
+ tags = {
+ terraform = true
+ }
+}
diff --git a/examples/log-anomaly-detector/outputs.tf b/examples/log-anomaly-detector/outputs.tf
new file mode 100644
index 0000000..e12026d
--- /dev/null
+++ b/examples/log-anomaly-detector/outputs.tf
@@ -0,0 +1,4 @@
+output "cloudwatch_log_anomaly_arn" {
+ description = "The ARN of the anomaly detector."
+ value = module.log_anomaly_detector.arn
+}
diff --git a/examples/log-anomaly-detector/variables.tf b/examples/log-anomaly-detector/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/examples/log-anomaly-detector/versions.tf b/examples/log-anomaly-detector/versions.tf
new file mode 100644
index 0000000..4969d64
--- /dev/null
+++ b/examples/log-anomaly-detector/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.81"
+ }
+ }
+}
diff --git a/examples/log-group-with-log-stream/README.md b/examples/log-group-with-log-stream/README.md
index 38c6820..afc6c15 100644
--- a/examples/log-group-with-log-stream/README.md
+++ b/examples/log-group-with-log-stream/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/log-group-with-log-stream/versions.tf b/examples/log-group-with-log-stream/versions.tf
index 2c346da..4969d64 100644
--- a/examples/log-group-with-log-stream/versions.tf
+++ b/examples/log-group-with-log-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/log-subscription-filter/versions.tf b/examples/log-subscription-filter/versions.tf
index bc79575..d31e0c4 100644
--- a/examples/log-subscription-filter/versions.tf
+++ b/examples/log-subscription-filter/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
source = "hashicorp/random"
diff --git a/examples/metric-stream/README.md b/examples/metric-stream/README.md
index 7185ac0..d72fe35 100644
--- a/examples/metric-stream/README.md
+++ b/examples/metric-stream/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
| [random](#requirement\_random) | >= 3.5 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
| [random](#provider\_random) | >= 3.5 |
## Modules
diff --git a/examples/metric-stream/versions.tf b/examples/metric-stream/versions.tf
index bc79575..d31e0c4 100644
--- a/examples/metric-stream/versions.tf
+++ b/examples/metric-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
source = "hashicorp/random"
diff --git a/examples/multiple-lambda-metric-alarm/README.md b/examples/multiple-lambda-metric-alarm/README.md
index e273cea..e5122bb 100644
--- a/examples/multiple-lambda-metric-alarm/README.md
+++ b/examples/multiple-lambda-metric-alarm/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/multiple-lambda-metric-alarm/versions.tf b/examples/multiple-lambda-metric-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/examples/multiple-lambda-metric-alarm/versions.tf
+++ b/examples/multiple-lambda-metric-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/examples/query-definition/README.md b/examples/query-definition/README.md
index 0a555c5..650442c 100644
--- a/examples/query-definition/README.md
+++ b/examples/query-definition/README.md
@@ -20,7 +20,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
diff --git a/examples/query-definition/versions.tf b/examples/query-definition/versions.tf
index 2c346da..4969d64 100644
--- a/examples/query-definition/versions.tf
+++ b/examples/query-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/cis-alarms/README.md b/modules/cis-alarms/README.md
index 86832fa..609681a 100644
--- a/modules/cis-alarms/README.md
+++ b/modules/cis-alarms/README.md
@@ -8,14 +8,14 @@ Read more about [CIS AWS Foundations Controls](https://docs.aws.amazon.com/secur
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
| [random](#requirement\_random) | >= 2.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
| [random](#provider\_random) | >= 2.0 |
## Modules
diff --git a/modules/cis-alarms/versions.tf b/modules/cis-alarms/versions.tf
index f469629..d241c36 100644
--- a/modules/cis-alarms/versions.tf
+++ b/modules/cis-alarms/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/modules/composite-alarm/README.md b/modules/composite-alarm/README.md
index 62a9610..181862e 100644
--- a/modules/composite-alarm/README.md
+++ b/modules/composite-alarm/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/composite-alarm/versions.tf b/modules/composite-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/modules/composite-alarm/versions.tf
+++ b/modules/composite-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/log-account-policy/README.md b/modules/log-account-policy/README.md
index 1a8247b..58e355d 100644
--- a/modules/log-account-policy/README.md
+++ b/modules/log-account-policy/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/log-account-policy/versions.tf b/modules/log-account-policy/versions.tf
index 2c346da..4969d64 100644
--- a/modules/log-account-policy/versions.tf
+++ b/modules/log-account-policy/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/log-anomaly-detector/README.md b/modules/log-anomaly-detector/README.md
new file mode 100644
index 0000000..d90f31d
--- /dev/null
+++ b/modules/log-anomaly-detector/README.md
@@ -0,0 +1,45 @@
+# log-anomaly-detector
+
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 5.81 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | >= 5.81 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudwatch_log_anomaly_detector.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_anomaly_detector) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [anomaly\_visibility\_time](#input\_anomaly\_visibility\_time) | Number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in anomaly\_visibility\_time, it will be considered normal going forward and will not be detected as an anomaly. Valid Range: Minimum value of 7. Maximum value of 90. | `number` | `null` | no |
+| [create](#input\_create) | Whether to create the anomaly detector. | `bool` | `true` | no |
+| [detector\_name](#input\_detector\_name) | Name for this anomaly detector. | `string` | `null` | no |
+| [enabled](#input\_enabled) | Whether or not to enable the anomaly detector. | `bool` | `null` | no |
+| [evaluation\_frequency](#input\_evaluation\_frequency) | Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for evaluation\_frequency. Valid Values: ONE\_MIN \| FIVE\_MIN \| TEN\_MIN \| FIFTEEN\_MIN \| THIRTY\_MIN \| ONE\_HOUR. | `string` | `null` | no |
+| [filter\_pattern](#input\_filter\_pattern) | You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. | `string` | `null` | no |
+| [kms\_key\_id](#input\_kms\_key\_id) | Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds. | `string` | `null` | no |
+| [log\_group\_arns](#input\_log\_group\_arns) | Array containing the ARN of the log group that this anomaly detector will watch. You can specify only one log group ARN. | `list(string)` | `null` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [arn](#output\_arn) | The ARN of the anomaly detector. |
+
diff --git a/modules/log-anomaly-detector/main.tf b/modules/log-anomaly-detector/main.tf
new file mode 100644
index 0000000..5c2389d
--- /dev/null
+++ b/modules/log-anomaly-detector/main.tf
@@ -0,0 +1,11 @@
+resource "aws_cloudwatch_log_anomaly_detector" "this" {
+ count = var.create ? 1 : 0
+
+ log_group_arn_list = var.log_group_arns
+ anomaly_visibility_time = var.anomaly_visibility_time
+ detector_name = var.detector_name
+ enabled = var.enabled
+ evaluation_frequency = var.evaluation_frequency
+ filter_pattern = var.filter_pattern
+ kms_key_id = var.kms_key_id
+}
diff --git a/modules/log-anomaly-detector/outputs.tf b/modules/log-anomaly-detector/outputs.tf
new file mode 100644
index 0000000..9bbdd2f
--- /dev/null
+++ b/modules/log-anomaly-detector/outputs.tf
@@ -0,0 +1,4 @@
+output "arn" {
+ description = "The ARN of the anomaly detector."
+ value = try(aws_cloudwatch_log_anomaly_detector.this[0].arn, null)
+}
diff --git a/modules/log-anomaly-detector/variables.tf b/modules/log-anomaly-detector/variables.tf
new file mode 100644
index 0000000..5838997
--- /dev/null
+++ b/modules/log-anomaly-detector/variables.tf
@@ -0,0 +1,47 @@
+variable "create" {
+ description = "Whether to create the anomaly detector."
+ type = bool
+ default = true
+}
+
+variable "log_group_arns" {
+ description = "Array containing the ARN of the log group that this anomaly detector will watch. You can specify only one log group ARN."
+ type = list(string)
+ default = null
+}
+
+variable "anomaly_visibility_time" {
+ description = "Number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in anomaly_visibility_time, it will be considered normal going forward and will not be detected as an anomaly. Valid Range: Minimum value of 7. Maximum value of 90."
+ type = number
+ default = null
+}
+
+variable "detector_name" {
+ description = "Name for this anomaly detector."
+ type = string
+ default = null
+}
+
+variable "enabled" {
+ description = "Whether or not to enable the anomaly detector."
+ type = bool
+ default = null
+}
+
+variable "evaluation_frequency" {
+ description = "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for evaluation_frequency. Valid Values: ONE_MIN | FIVE_MIN | TEN_MIN | FIFTEEN_MIN | THIRTY_MIN | ONE_HOUR."
+ type = string
+ default = null
+}
+
+variable "filter_pattern" {
+ description = "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here."
+ type = string
+ default = null
+}
+
+variable "kms_key_id" {
+ description = "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds."
+ type = string
+ default = null
+}
diff --git a/modules/log-anomaly-detector/versions.tf b/modules/log-anomaly-detector/versions.tf
new file mode 100644
index 0000000..4969d64
--- /dev/null
+++ b/modules/log-anomaly-detector/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.81"
+ }
+ }
+}
diff --git a/modules/log-group/README.md b/modules/log-group/README.md
index 1e7ee37..b5a677d 100644
--- a/modules/log-group/README.md
+++ b/modules/log-group/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/log-group/versions.tf b/modules/log-group/versions.tf
index 2c346da..4969d64 100644
--- a/modules/log-group/versions.tf
+++ b/modules/log-group/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/log-metric-filter/README.md b/modules/log-metric-filter/README.md
index 6f3207f..2c956be 100644
--- a/modules/log-metric-filter/README.md
+++ b/modules/log-metric-filter/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/log-metric-filter/versions.tf b/modules/log-metric-filter/versions.tf
index 2c346da..4969d64 100644
--- a/modules/log-metric-filter/versions.tf
+++ b/modules/log-metric-filter/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/log-stream/README.md b/modules/log-stream/README.md
index 6287887..749d68f 100644
--- a/modules/log-stream/README.md
+++ b/modules/log-stream/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/log-stream/versions.tf b/modules/log-stream/versions.tf
index 2c346da..4969d64 100644
--- a/modules/log-stream/versions.tf
+++ b/modules/log-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/log-subscription-filter/README.md b/modules/log-subscription-filter/README.md
index cb155e7..df7a50b 100644
--- a/modules/log-subscription-filter/README.md
+++ b/modules/log-subscription-filter/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/log-subscription-filter/versions.tf b/modules/log-subscription-filter/versions.tf
index 2c346da..4969d64 100644
--- a/modules/log-subscription-filter/versions.tf
+++ b/modules/log-subscription-filter/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/metric-alarm/README.md b/modules/metric-alarm/README.md
index e78a041..5155291 100644
--- a/modules/metric-alarm/README.md
+++ b/modules/metric-alarm/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/metric-alarm/versions.tf b/modules/metric-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/modules/metric-alarm/versions.tf
+++ b/modules/metric-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/metric-alarms-by-multiple-dimensions/README.md b/modules/metric-alarms-by-multiple-dimensions/README.md
index 1c2424a..cb364b4 100644
--- a/modules/metric-alarms-by-multiple-dimensions/README.md
+++ b/modules/metric-alarms-by-multiple-dimensions/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/metric-alarms-by-multiple-dimensions/versions.tf b/modules/metric-alarms-by-multiple-dimensions/versions.tf
index 2c346da..4969d64 100644
--- a/modules/metric-alarms-by-multiple-dimensions/versions.tf
+++ b/modules/metric-alarms-by-multiple-dimensions/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/metric-stream/README.md b/modules/metric-stream/README.md
index 84e3fa6..18ad95c 100644
--- a/modules/metric-stream/README.md
+++ b/modules/metric-stream/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/metric-stream/versions.tf b/modules/metric-stream/versions.tf
index 2c346da..4969d64 100644
--- a/modules/metric-stream/versions.tf
+++ b/modules/metric-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/modules/query-definition/README.md b/modules/query-definition/README.md
index b0d2fa6..add9e50 100644
--- a/modules/query-definition/README.md
+++ b/modules/query-definition/README.md
@@ -6,13 +6,13 @@
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.58 |
+| [aws](#requirement\_aws) | >= 5.81 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.58 |
+| [aws](#provider\_aws) | >= 5.81 |
## Modules
diff --git a/modules/query-definition/versions.tf b/modules/query-definition/versions.tf
index 2c346da..4969d64 100644
--- a/modules/query-definition/versions.tf
+++ b/modules/query-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/cis-alarms/versions.tf b/wrappers/cis-alarms/versions.tf
index f469629..d241c36 100644
--- a/wrappers/cis-alarms/versions.tf
+++ b/wrappers/cis-alarms/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
random = {
diff --git a/wrappers/composite-alarm/versions.tf b/wrappers/composite-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/composite-alarm/versions.tf
+++ b/wrappers/composite-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/log-account-policy/versions.tf b/wrappers/log-account-policy/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/log-account-policy/versions.tf
+++ b/wrappers/log-account-policy/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/log-anomaly-detector/README.md b/wrappers/log-anomaly-detector/README.md
new file mode 100644
index 0000000..94b38df
--- /dev/null
+++ b/wrappers/log-anomaly-detector/README.md
@@ -0,0 +1,100 @@
+# Wrapper for module: `modules/log-anomaly-detector`
+
+The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt).
+
+You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module.
+
+This wrapper does not implement any extra functionality.
+
+## Usage with Terragrunt
+
+`terragrunt.hcl`:
+
+```hcl
+terraform {
+ source = "tfr:///terraform-aws-modules/cloudwatch/aws//wrappers/log-anomaly-detector"
+ # Alternative source:
+ # source = "git::git@github.com:terraform-aws-modules/terraform-aws-cloudwatch.git//wrappers/log-anomaly-detector?ref=master"
+}
+
+inputs = {
+ defaults = { # Default values
+ create = true
+ tags = {
+ Terraform = "true"
+ Environment = "dev"
+ }
+ }
+
+ items = {
+ my-item = {
+ # omitted... can be any argument supported by the module
+ }
+ my-second-item = {
+ # omitted... can be any argument supported by the module
+ }
+ # omitted...
+ }
+}
+```
+
+## Usage with Terraform
+
+```hcl
+module "wrapper" {
+ source = "terraform-aws-modules/cloudwatch/aws//wrappers/log-anomaly-detector"
+
+ defaults = { # Default values
+ create = true
+ tags = {
+ Terraform = "true"
+ Environment = "dev"
+ }
+ }
+
+ items = {
+ my-item = {
+ # omitted... can be any argument supported by the module
+ }
+ my-second-item = {
+ # omitted... can be any argument supported by the module
+ }
+ # omitted...
+ }
+}
+```
+
+## Example: Manage multiple S3 buckets in one Terragrunt layer
+
+`eu-west-1/s3-buckets/terragrunt.hcl`:
+
+```hcl
+terraform {
+ source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers"
+ # Alternative source:
+ # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master"
+}
+
+inputs = {
+ defaults = {
+ force_destroy = true
+
+ attach_elb_log_delivery_policy = true
+ attach_lb_log_delivery_policy = true
+ attach_deny_insecure_transport_policy = true
+ attach_require_latest_tls_policy = true
+ }
+
+ items = {
+ bucket1 = {
+ bucket = "my-random-bucket-1"
+ }
+ bucket2 = {
+ bucket = "my-random-bucket-2"
+ tags = {
+ Secure = "probably"
+ }
+ }
+ }
+}
+```
diff --git a/wrappers/log-anomaly-detector/main.tf b/wrappers/log-anomaly-detector/main.tf
new file mode 100644
index 0000000..5639513
--- /dev/null
+++ b/wrappers/log-anomaly-detector/main.tf
@@ -0,0 +1,14 @@
+module "wrapper" {
+ source = "../../modules/log-anomaly-detector"
+
+ for_each = var.items
+
+ anomaly_visibility_time = try(each.value.anomaly_visibility_time, var.defaults.anomaly_visibility_time, null)
+ create = try(each.value.create, var.defaults.create, true)
+ detector_name = try(each.value.detector_name, var.defaults.detector_name, null)
+ enabled = try(each.value.enabled, var.defaults.enabled, null)
+ evaluation_frequency = try(each.value.evaluation_frequency, var.defaults.evaluation_frequency, null)
+ filter_pattern = try(each.value.filter_pattern, var.defaults.filter_pattern, null)
+ kms_key_id = try(each.value.kms_key_id, var.defaults.kms_key_id, null)
+ log_group_arns = try(each.value.log_group_arns, var.defaults.log_group_arns, null)
+}
diff --git a/wrappers/log-anomaly-detector/outputs.tf b/wrappers/log-anomaly-detector/outputs.tf
new file mode 100644
index 0000000..ec6da5f
--- /dev/null
+++ b/wrappers/log-anomaly-detector/outputs.tf
@@ -0,0 +1,5 @@
+output "wrapper" {
+ description = "Map of outputs of a wrapper."
+ value = module.wrapper
+ # sensitive = false # No sensitive module output found
+}
diff --git a/wrappers/log-anomaly-detector/variables.tf b/wrappers/log-anomaly-detector/variables.tf
new file mode 100644
index 0000000..a6ea096
--- /dev/null
+++ b/wrappers/log-anomaly-detector/variables.tf
@@ -0,0 +1,11 @@
+variable "defaults" {
+ description = "Map of default values which will be used for each item."
+ type = any
+ default = {}
+}
+
+variable "items" {
+ description = "Maps of items to create a wrapper from. Values are passed through to the module."
+ type = any
+ default = {}
+}
diff --git a/wrappers/log-anomaly-detector/versions.tf b/wrappers/log-anomaly-detector/versions.tf
new file mode 100644
index 0000000..4969d64
--- /dev/null
+++ b/wrappers/log-anomaly-detector/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 5.81"
+ }
+ }
+}
diff --git a/wrappers/log-group/versions.tf b/wrappers/log-group/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/log-group/versions.tf
+++ b/wrappers/log-group/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/log-metric-filter/versions.tf b/wrappers/log-metric-filter/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/log-metric-filter/versions.tf
+++ b/wrappers/log-metric-filter/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/log-stream/versions.tf b/wrappers/log-stream/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/log-stream/versions.tf
+++ b/wrappers/log-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/log-subscription-filter/versions.tf b/wrappers/log-subscription-filter/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/log-subscription-filter/versions.tf
+++ b/wrappers/log-subscription-filter/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/metric-alarm/versions.tf b/wrappers/metric-alarm/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/metric-alarm/versions.tf
+++ b/wrappers/metric-alarm/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/metric-alarms-by-multiple-dimensions/versions.tf b/wrappers/metric-alarms-by-multiple-dimensions/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/metric-alarms-by-multiple-dimensions/versions.tf
+++ b/wrappers/metric-alarms-by-multiple-dimensions/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/metric-stream/versions.tf b/wrappers/metric-stream/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/metric-stream/versions.tf
+++ b/wrappers/metric-stream/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}
diff --git a/wrappers/query-definition/versions.tf b/wrappers/query-definition/versions.tf
index 2c346da..4969d64 100644
--- a/wrappers/query-definition/versions.tf
+++ b/wrappers/query-definition/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.58"
+ version = ">= 5.81"
}
}
}