Closed asteel-gsa closed 9 months ago
@akf Since this is coming from a fork, I am unable to add a reviewer, but this is largely set.
I did change to unique names, since when having all of them use logshipper
it will get 2 values for the ."user-provided"
services, so making them unique. This should (for now) remove the dependency on the service-name
and a future enhancement can modify the designated tags, or enhance the jq to look at both ."user-provided"
creds and filter based on the tags to not return a null
value
Following up from PR #29 on the 18F terraform modules, which add tag support to the s3 bucket (and other modules), the following changes are proposed so that we can define a specific tag to get the values in the profile, instead of the name of the service.
This allows us to define a specific tag for the three required resources and keep the names of the services unique, while keeping the same functionality. Ex:
logshipper-s3
logshipper-creds
&newrelic-creds
The usecase for this proposal, is that we already have a service name
newrelic-creds
bound to our running application, and we cannot have 2 services sharing the same name. The terraform was already updated to add the credentialNEW_RELIC_LOGS_ENDPOINT
, so I left the tag generic to tag it asnewrelic
. Thenewrelic-creds
that a consumer of thecg-logshipper
may use by default does not implicitly mean it is used for logshipper. The same logic would be applied for an s3 module, where the s3 bucket may be tagged withs3
&logshipper-s3
, but since the s3 is dedicated to the consumption of the logs, rather thannewrelic-creds
service (which could be used globally) this seemed like the logical approach.I am waiting for the FAC's
preview
environment to be free, so I can validate that tags are applied to the s3 resource via the 18F module, but will post those results when I can and move out of draft