-
-
Notifications
You must be signed in to change notification settings - Fork 28
/
Copy pathREADME.yaml
94 lines (80 loc) · 5.08 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#
# This is the canonical configuration for the `README.md`
# Run `make init`, `make readme/deps` to load all the dependencies
# then run `make readme` as needed to rebuild the `README.md`
#
# Name of this project
name: terraform-aws-datadog-integration
# Tags of this project
tags:
- aws
- terraform
- terraform-modules
- logging
- monitoring
- datadog
# Categories of this project
categories:
- terraform-modules/logging
# Logo for this project
#logo: docs/logo.png
# License of this project
license: "APACHE2"
# Canonical GitHub repo
github_repo: cloudposse/terraform-aws-datadog-integration
# Badges to display
badges:
- name: Latest Release
image: https://img.shields.io/github/release/cloudposse/terraform-aws-datadog-integration.svg?style=for-the-badge
url: https://github.com/cloudposse/terraform-aws-datadog-integration/releases/latest
- name: Last Updated
image: https://img.shields.io/github/last-commit/cloudposse/terraform-aws-datadog-integration.svg?style=for-the-badge
url: https://github.com/cloudposse/terraform-aws-datadog-integration/commits
- name: Slack Community
image: https://slack.cloudposse.com/for-the-badge.svg
url: https://slack.cloudposse.com
# List any related terraform modules that this module may be used with or that this module depends on.
related:
- name: "fluentd-datadog-logs"
description: "Dockerfile that implements fluentd log forwarding to datadog's new log service"
url: "https://github.com/cloudposse/fluentd-datadog-logs"
- name: "terraform-datadog-monitor"
description: "Terraform module to provision Standard System Monitors (cpu, memory, swap, io, etc) in Datadog"
url: "https://github.com/cloudposse/terraform-datadog-monitor"
- name: "terraform-aws-datadog-lambda-forwarder"
description: "Terraform module to provision all the necessary infrastructure to deploy [Datadog Lambda forwarders](https://github.com/DataDog/datadog-serverless-functions/tree/master/aws/logs_monitoring)"
url: "https://github.com/cloudposse/terraform-aws-datadog-lambda-forwarder"
# Short description of this project
description: |-
Terraform module to configure [Datadog AWS integration](https://docs.datadoghq.com/api/v1/aws-integration/).
# How to use this project
usage: |-
For a complete example, see [examples/complete](examples/complete).
For automated tests of the complete example using [bats](https://github.com/bats-core/bats-core) and [Terratest](https://github.com/gruntwork-io/terratest) (which tests and deploys the example on AWS), see [test](test).
**Note:** At the moment this module supports a limited set of IAM policies to support Datadog integrations. More can be added as needed.
### Structure
This module aligns with [Datadog's documentation](https://docs.datadoghq.com/integrations/amazon_web_services/) by providing a `core-integration` policy for minimal permissions and additional policies for specific services. It also includes a `full-integration` policy (formerly `all`), encompassing all permissions listed under "All Permissions" for comprehensive coverage. The variable `var.integrations` is deprecated and replaced by `var.policies`, which supports Datadog-defined IAM policy names such as `core-integration`, `full-integration`, `resource-collection`, `CSPM`, `SecurityAudit`, and `everything`.
Policy files have been updated for clarity and functionality. The `full-integration` policy reflects Datadog’s latest permissions and replaces the former `all` policy. A new `resource-collection` policy has been added for resource-specific permissions, while the `SecurityAudit` policy attaches the AWS-managed role for compliance. Backward compatibility is maintained by mapping old `var.integrations` values to new `var.policies`, ensuring a seamless transition while supporting legacy configurations.```
### Migration Guide
To migrate from the `v1.3.0` configuration, replace `var.integrations` with `var.policies` in your module usage. The values `"core"` and `"all"` previously used in `var.integrations` should be updated to `"core-integration"` and `"full-integration"`, respectively. If you were using `"CSPM"`, it now serves as an alias for `"SecurityAudit"`. Existing configurations will remain functional due to backward compatibility mappings, but updating to the new `var.policies` variable ensures alignment with the latest module structure and Datadog's documentation.
### Installation
Include this module in your existing terraform code:
```hcl
module "datadog_integration" {
source = "cloudposse/datadog-integration/aws"
# Cloud Posse recommends pinning every module to a specific version
# version = "x.x.x"
namespace = "eg"
stage = "test"
name = "datadog"
policies = ["full-integration"]
}
```
The DataDog integration will be linked with your configured datadog account via the provider's `api_key`.
examples: |-
Review the [complete example](examples/complete) to see how to use this module.
include:
- "docs/targets.md"
- "docs/terraform.md"
# Contributors to this project
contributors: []