Datadog Service Log Forwarder Lambda #130

Open
wants to merge 1 commit into
base: main
DrizzlyOwl
Contributor

  • The Datadog Forwarder is an AWS Lambda function that ships logs from AWS to Datadog

@DrizzlyOwl DrizzlyOwl force-pushed the feat/datadog-lambda-forwarder branch 4 times, most recently from 059136d to 2d08979 Compare October 18, 2024 11:43
@DrizzlyOwl DrizzlyOwl requested a review from Stretch96 October 18, 2024 11:44
@DrizzlyOwl DrizzlyOwl force-pushed the feat/datadog-lambda-forwarder branch 21 times, most recently from 77342a1 to b9c7df7 Compare October 21, 2024 11:01
@Stretch96 Stretch96 force-pushed the feat/datadog-lambda-forwarder branch from b9c7df7 to 9ac20e8 Compare October 24, 2024 14:11
Comment on lines +277 to +283
resource "aws_lambda_permission" "datadog_forwarder_allow_s3" {
statement_id = "AllowExecutionFromS3"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.datadog_service_log_forwarder[0].function_name
principal = "s3.amazonaws.com"
source_account = local.aws_account_id
}
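
Review bot: the `s3.amazonaws.com` permission sets `source_account` but no `source_arn`, so any S3 bucket in that account can be configured to invoke the forwarder; add `source_arn` with the ARN of the specific bucket whose notifications should trigger it, and keep `source_account` next to it because S3 bucket ARNs carry no account ID. Separately, the `[0]` index on `aws_lambda_function.datadog_service_log_forwarder` implies that resource is created with `count`, while these seven lines set no `count` of their own, so the reference will fail whenever the function's count is 0; give this permission the same condition.
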
⚠️ tfsec found a CRITICAL severity issue from rule aws-lambda-restrict-source-arn:

Lambda permission lacks source ARN for *.amazonaws.com principal.

More information available here and here

Comment on lines +269 to +275
resource "aws_lambda_permission" "datadog_forwarder_allow_sns" {
statement_id = "AllowExecutionFromSNS"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.datadog_service_log_forwarder[0].function_name
principal = "sns.amazonaws.com"
source_account = local.aws_account_id
}
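
Review bot: the `sns.amazonaws.com` permission is scoped only by `source_account`, which lets every SNS topic in the account invoke the forwarder once subscribed; add `source_arn` set to the ARN of the one topic that is meant to deliver to this function, so that a topic created later for another purpose cannot push arbitrary messages into the log pipeline.
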
⚠️ tfsec found a CRITICAL severity issue from rule aws-lambda-restrict-source-arn:

Lambda permission lacks source ARN for *.amazonaws.com principal.

More information available here and here

Comment on lines +261 to +267
resource "aws_lambda_permission" "datadog_forwarder_allow_cloudwatch" {
statement_id = "AllowExecutionFromCloudWatch"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.datadog_service_log_forwarder[0].function_name
principal = "events.amazonaws.com"
source_account = local.aws_account_id
}
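
Review bot: `principal = "events.amazonaws.com"` is the EventBridge (CloudWatch Events) service principal, while the resource name and `statement_id` both say CloudWatch; if the forwarder is meant to be triggered by CloudWatch Logs subscription filters, the principal should be `logs.amazonaws.com` with `source_arn` set to the log group ARN. If EventBridge rules really are the intended trigger, keep the principal, add `source_arn` with the ARN of the specific rule, and rename the resource and statement so the policy says what it grants.
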
⚠️ tfsec found a CRITICAL severity issue from rule aws-lambda-restrict-source-arn:

Lambda permission lacks source ARN for *.amazonaws.com principal.

More information available here and here
