# Splunk Observability Cloud Terraform Provider (signalfx)

Splunk Observability Cloud is a Software as a Service (SaaS) solution for infrastructure monitoring (Splunk IM), application performance monitoring (Splunk APM), real user monitoring (Splunk RUM), and synthetic monitoring (Splunk Synthetic Monitoring). For more information, see the official documentation.

Use this Terraform provider to automate the configuration of Splunk Observability Cloud.

• Documentation: https://registry.terraform.io/providers/splunk-terraform/signalfx/latest/docs
• Website: https://www.terraform.io
• 
• Mailing list: Google Groups

## Requirements

• Terraform 0.12.x or higher
• Go 1.19 or higher to build the provider plugin

## Build the provider

To build the provider, follow these steps:

1. Clone the repository to: $GOPATH/src/github.com/splunk-terraform/terraform-provider-signalfx:

   $ git clone [email protected]:splunk-terraform/terraform-provider-signalfx.git $GOPATH/src/github.com/splunk-terraform/terraform-provider-signalfx

2. Enter the provider directory and build the provider:

   $ cd $GOPATH/src/github.com/splunk-terraform/terraform-provider-signalfx
   $ make build

Use the provider

If you're building the provider, follow the instructions to install it as a plugin.. After placing it into your plugins directory, run terraform init to initialize it.

Further usage documentation is available on the Terraform website.

Develop the provider

If you wish to work on the provider, you need the following:

• Go version 1.11 or higher
• Configured GOPATH
• $GOPATH/bin added to your $PATH

To compile the provider, run make build. This builds the provider and put its binary inside the $GOPATH/bin directory:

$ make build
...
$ $GOPATH/bin/terraform-provider-signalfx
...

To test the provider, run the following command:

$ make test

To run the full suite of acceptance tests, run make testacc.

$ export SFX_API_URL=https://api.signalfx.com # or https://api.eu0.signalfx.com
$ export SFX_AUTH_TOKEN=XXXXXX
$ make testacc

Important

Acceptance tests create real resources, and often cost money to run.

### Run AWS integration tests

To run the AWS integration tests for CloudWatch Metric Streams and AWS logs synchronization, create an AWS IAM user with an access key and secret that Splunk Observability Cloud can use to manage AWS resources, and define the SFX_TEST_AWS_ACCESS_KEY_ID and SFX_TEST_AWS_SECRET_ACCESS_KEY environment variables. For example:

export SFX_TEST_AWS_ACCESS_KEY_ID=AKIAXXXXXX
export SFX_TEST_AWS_SECRET_ACCESS_KEY=XXXXXX

Grant the following permissions. Additional permissions may be required to capture logs from specific AWS services.

"cloudwatch:DeleteMetricStream",
"cloudwatch:GetMetricStream",
"cloudwatch:ListMetricStreams",
"cloudwatch:PutMetricStream",
"cloudwatch:StartMetricStreams",
"cloudwatch:StopMetricStreams",
"iam:PassRole",

"logs:DeleteSubscriptionFilter",
"logs:DescribeLogGroups",
"logs:DescribeSubscriptionFilters",
"logs:PutSubscriptionFilter",
"s3:GetBucketLogging",
"s3:GetBucketNotification",
"s3:PutBucketNotification"

See Connect to AWS using the guided setup in Splunk Observability Cloud and Enable CloudWatch Metric Streams in Splunk documentation for more details about creating that IAM policy.

Note

Use an IAM user instead of an IAM role, as the latter requires an External ID that is only known at AWS integration creation time.

Release the provider

The releases are done via Github actions following these steps:

1. Create an pull request with the updated changelog.

2. Merge updated changelog once approved.

3. Pull the last changes on main with merged changelog update.

4. Tag the current commit with the next version.

5. Wait for the CI automation to publish draft release to Github.

6. Go back to the release in github and set "Set as the latest release"