forked from newrelic/aws-log-ingestion
-
Notifications
You must be signed in to change notification settings - Fork 0
/
template.yaml
111 lines (106 loc) · 3.75 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Sends log data from CloudWatch Logs to New Relic Infrastructure (Cloud integrations) and New Relic Logging
Parameters:
NRLicenseKey:
Type: String
Description: Your NewRelic license key.
NoEcho: true
NRLoggingEnabled:
Type: String
Description: Determines if logs are forwarded to New Relic Logging
Default: 'False'
AllowedValues:
- 'True'
- 'False'
NRInfraLogging:
Type: String
Description: Determines if logs are forwarded to New Relic Infrastructure
Default: 'True'
AllowedValues:
- 'True'
- 'False'
MemorySize:
Type: Number
Description: Memory size for the New Relic Log Ingestion Lambda function
Default: 128
Timeout:
Type: Number
Description: Timeout for the New Relic Log Ingestion Lambda function
Default: 30
FunctionRole:
Type: String
Description: |
IAM Role name that this function will assume. Should provide the AWSLambdaBasicExecutionRole policy. If not
specified, an appropriate Role will be created, which will require CAPABILITY_IAM to be acknowledged.
Default: ''
Conditions:
NoRole: !Equals ['', !Ref FunctionRole]
NoCap: !Not [ !Equals ['', !Ref FunctionRole] ]
Metadata:
AWS::ServerlessRepo::Application:
Name: NewRelic-log-ingestion
Description: Send log data from CloudWatch Logs to New Relic Infrastructure (Cloud Integrations) and New Relic Logging.
Author: New Relic
SpdxLicenseId: Apache-2.0
LicenseUrl: LICENSE
ReadmeUrl: README.md
HomePageUrl: https://github.com/newrelic/aws-log-ingestion
SemanticVersion: 2.3.3
SourceCodeUrl: https://github.com/newrelic/aws-log-ingestion
Resources:
NewRelicLogIngestionFunctionNoCap:
Type: AWS::Serverless::Function
Condition: NoCap
DeletionPolicy: Delete
Properties:
CodeUri: src/
Description: Sends log data from CloudWatch Logs to New Relic Infrastructure (Cloud integrations) and New Relic Logging
Handler: function.lambda_handler
FunctionName: newrelic-log-ingestion
MemorySize:
Ref: MemorySize
Runtime: python3.7
Role: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${FunctionRole}
Timeout:
Ref: Timeout
Environment:
Variables:
LICENSE_KEY: !Ref NRLicenseKey
LOGGING_ENABLED: !Ref NRLoggingEnabled
INFRA_ENABLED: !Ref NRInfraLogging
NewRelicLogIngestionFunction:
Type: AWS::Serverless::Function
Condition: NoRole
DeletionPolicy: Delete
Properties:
CodeUri: src/
Description: Sends log data from CloudWatch Logs to New Relic Infrastructure (Cloud integrations) and New Relic Logging
Handler: function.lambda_handler
FunctionName: newrelic-log-ingestion
MemorySize:
Ref: MemorySize
Runtime: python3.7
Timeout:
Ref: Timeout
Environment:
Variables:
LICENSE_KEY: !Ref NRLicenseKey
LOGGING_ENABLED: !Ref NRLoggingEnabled
INFRA_ENABLED: !Ref NRInfraLogging
LambdaInvokePermissionNoCap:
Type: AWS::Lambda::Permission
Condition: NoCap
Properties:
FunctionName: !GetAtt NewRelicLogIngestionFunctionNoCap.Arn
Action: lambda:InvokeFunction
Principal: !Sub logs.${AWS::Region}.amazonaws.com
SourceArn: !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*
LambdaInvokePermission:
Type: AWS::Lambda::Permission
Condition: NoRole
Properties:
FunctionName: !GetAtt NewRelicLogIngestionFunction.Arn
Action: lambda:InvokeFunction
Principal: !Sub logs.${AWS::Region}.amazonaws.com
SourceArn: !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*