From 515aadf7dc6ed3d9d908f9077fe34c6bf1de32f9 Mon Sep 17 00:00:00 2001
From: "Grayson, Matthew"
Date: Tue, 12 Sep 2023 09:47:45 -0500
Subject: [PATCH] Create bucket and log group for terraform-managed lambdas.

---
 infrastructure/cloudtrail.tf | 3 +--
 infrastructure/infrastructure.tf | 17 +++++++++++++++++
 infrastructure/prod.tfvars | 2 ++
 infrastructure/stage.tfvars | 2 ++
 infrastructure/vars.tf | 12 ++++++++++++
 5 files changed, 34 insertions(+), 2 deletions(-)
 create mode 100644 infrastructure/infrastructure.tf

diff --git a/infrastructure/cloudtrail.tf b/infrastructure/cloudtrail.tf
index b215cb9f0..cd7d39490 100644
--- a/infrastructure/cloudtrail.tf
+++ b/infrastructure/cloudtrail.tf
@@ -25,8 +25,7 @@ resource "aws_cloudtrail" "all-events" {
 }
 
 resource "aws_s3_bucket" "cloudtrail_bucket" {
- bucket = var.cloudtrail_bucket_name
- force_destroy = true
+ bucket = var.cloudtrail_bucket_name
 tags = {
 Project = var.project
 Stage = var.stage
diff --git a/infrastructure/infrastructure.tf b/infrastructure/infrastructure.tf
new file mode 100644
index 000000000..83d6ffa5d
--- /dev/null
+++ b/infrastructure/infrastructure.tf
@@ -0,0 +1,17 @@
+resource "aws_s3_bucket" "infrastructure" {
+ name = var.infrastructure_bucket_name
+ tags = {
+ Project = var.project
+ Stage = var.stage
+ }
+}
+
+resource "aws_cloudwatch_log_group" "infrastructure" {
+ name = var.infrastructure_log_group_name
+ retention_in_days = 3653
+ kms_key_id = aws_kms_key.key.arn
+ tags = {
+ Project = var.project
+ Stage = var.stage
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index 84a565b77..fd81150cb 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
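Review bot: Dropping `force_destroy = true` from `aws_s3_bucket.cloudtrail_bucket` changes how the audit-log bucket behaves on destroy, but neither the commit subject nor the resource records why. A one-line comment above `bucket`, for example `# force_destroy deliberately unset: CloudTrail logs must not be deleted by terraform destroy`, would keep the flag from being re-added later. The resource body continues past the end of the hunk, so any lifecycle settings it may carry are not visible here.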
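Review bot: `aws_s3_bucket` has no `name` argument; the bucket name is set with `bucket`, as the existing `cloudtrail_bucket` resource does, so `name = var.infrastructure_bucket_name` should fail validation as an unsupported argument. Beyond that, a bucket intended for Terraform-managed lambdas is created with no public-access block or versioning in this file, which leaves the integrity of whatever the functions load from it resting on IAM alone. The fence adds both as separate resources, assuming AWS provider v4 or later (the provider version is not visible here). For the log group, `kms_key_id` only works if the policy on `aws_kms_key.key` lets the CloudWatch Logs service use the key; that policy is defined outside this diff and is worth confirming.

```hcl
resource "aws_s3_bucket" "infrastructure" {
  bucket = var.infrastructure_bucket_name
  # … unchanged: tags …
}

resource "aws_s3_bucket_public_access_block" "infrastructure" {
  bucket                  = aws_s3_bucket.infrastructure.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

resource "aws_s3_bucket_versioning" "infrastructure" {
  bucket = aws_s3_bucket.infrastructure.id
  versioning_configuration {
    status = "Enabled"
  }
}
```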
@@ -46,6 +46,8 @@ cloudtrail_bucket_name = "cisa-crossfeed-prod-cloudtrail"
 cloudtrail_role_name = "cisa-crossfeed-prod-cloudtrail"
 cloudtrail_log_group_name = "cisa-crossfeed-prod-cloudtrail"
 export_bucket_name = "cisa-crossfeed-prod-exports"
+infrastructure_bucket_name = "cisa-crossfeed-prod-infrastructure"
+infrastructure_log_group_name = "cisa-crossfeed-prod-infrastructure"
 reports_bucket_name = "cisa-crossfeed-prod-reports"
 pe_db_backups_bucket_name = "cisa-crossfeed-prod-pe-db-backups"
 user_pool_name = "crossfeed-prod"
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index 9312408f2..f56c25c8a 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -46,6 +46,8 @@ cloudtrail_bucket_name = "cisa-crossfeed-staging-cloudtrail"
 cloudtrail_role_name = "cisa-crossfeed-staging-cloudtrail"
 cloudtrail_log_group_name = "cisa-crossfeed-staging-cloudtrail"
 export_bucket_name = "cisa-crossfeed-staging-exports"
+infrastructure_bucket_name = "cisa-crossfeed-staging-infrastructure"
+infrastructure_log_group_name = "cisa-crossfeed-staging-infrastructure"
 reports_bucket_name = "cisa-crossfeed-staging-reports"
 pe_db_backups_bucket_name = "cisa-crossfeed-staging-pe-db-backups"
 user_pool_name = "crossfeed-staging"
diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf
index c1e49cf6e..85399b092 100644
--- a/infrastructure/vars.tf
+++ b/infrastructure/vars.tf
@@ -286,6 +286,18 @@ variable "export_bucket_name" {
 default = "cisa-crossfeed-staging-exports"
 }
 
+variable "infrastructure_bucket_name" {
+ description = "infrastructure_bucket_name"
+ type = string
+ default = "cisa-crossfeed-staging-infrastructure"
+}
+
+variable "infrastructure_log_group_name" {
+ description = "infrastructure_log_group_name"
+ type = string
+ default = "crossfeed-staging-infrastructure-logs"
+}
+
 variable "reports_bucket_name" {
 description = "reports_bucket_name"
 type = string
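Review bot: The default for `infrastructure_log_group_name` is `crossfeed-staging-infrastructure-logs`, which matches neither tfvars file in this patch (both use the `cisa-crossfeed-<stage>-infrastructure` form), so a plan run without a var file would create a differently named log group. Both new defaults also point at staging names; if a missing var file should be an error rather than a silent fallback to staging values, the `default` lines can be dropped. The `description` strings only repeat the variable name; something like `description = "S3 bucket for terraform-managed lambdas"` would tell a reader what the value is for.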