Skip to content

Commit eee52b8

Browse files
KarthikeyannhsKarthikeyannhs
committed
firehose kms key
1 parent e8592a6 commit eee52b8

5 files changed

Lines changed: 14 additions & 2 deletions

File tree

infrastructure/modules/kinesis_firehose/kinesis_firehose_delivery_stream.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ resource "aws_kinesis_firehose_delivery_stream" "eligibility_audit_firehose_deli
1313
cloudwatch_logging_options {
1414
enabled = true
1515
log_group_name = var.kinesis_cloud_watch_log_group_name
16-
log_stream_name = "to-s3"
16+
log_stream_name = var.kinesis_cloud_watch_log_stream
1717
}
1818
}
1919

infrastructure/modules/kinesis_firehose/variables.tf

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,4 +18,10 @@ variable "kinesis_cloud_watch_log_group_name" {
1818
type = string
1919
}
2020

21+
variable "kinesis_cloud_watch_log_stream" {
22+
description = "kinesis cloud watch log stream"
23+
type = string
24+
}
25+
26+
2127

infrastructure/stacks/api-layer/cloudwatch.tf

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,3 +19,8 @@ resource "aws_cloudwatch_log_group" "firehose_audit" {
1919
Stack = local.stack_name
2020
}
2121
}
22+
23+
resource "aws_cloudwatch_log_stream" "firehose_audit_stream" {
24+
name = "audit_stream_log"
25+
log_group_name = aws_cloudwatch_log_group.firehose_audit.name
26+
}

infrastructure/stacks/api-layer/iam_policies.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,7 @@ data "aws_iam_policy_document" "s3_rules_kms_key_policy" {
175175
effect = "Allow"
176176
principals {
177177
type = "AWS"
178-
identifiers = [aws_iam_role.eligibility_lambda_role.arn]
178+
identifiers = [aws_iam_role.eligibility_lambda_role.arn, aws_iam_role.eligibility_audit_firehose_role.arn]
179179
}
180180
actions = ["kms:Decrypt"]
181181
resources = ["*"]

infrastructure/stacks/api-layer/kinesis_firehose.tf

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,4 +8,5 @@ module "eligibility_audit_firehose_delivery_stream" {
88
workspace = local.workspace
99
tags = local.tags
1010
kinesis_cloud_watch_log_group_name = aws_cloudwatch_log_group.firehose_audit.name
11+
kinesis_cloud_watch_log_stream = aws_cloudwatch_log_stream.firehose_audit_stream.name
1112
}

0 commit comments

Comments
 (0)