However, even after these changes, there were still issues with the files.
So this PR also makes the following changes:
Change 1:
The mentions to the config file were incorrect. It only pointed to the bucket. It failed with:
[ERROR] ConfigFileException: Invalid s3 uri provided: `s3://constanca-benchmark-test-esf-bucket`
Traceback (most recent call last):
File "/var/task/handlers/aws/utils.py", line 63, in wrapper
return func(lambda_event, lambda_context)
File "/var/task/handlers/aws/utils.py", line 98, in wrapper
raise e
File "/var/task/handlers/aws/utils.py", line 82, in wrapper
return func(lambda_event, lambda_context)
File "/var/task/handlers/aws/handler.py", line 67, in lambda_handler
raise ConfigFileException(e)
We need to add to update the environment variable S3_CONFIG_FILE to point to the right file:
Note: The file needs to be necessarily named config.yaml if we set it this way. It does not seem like a problem since we mention it in the documentation as well:
Elastic Serverless Forwarder requires a config.yaml file to be uploaded to an S3 bucket and referenced by the S3_CONFIG_FILE environment variable.
Change 2:
Data "external" was replaced with data "null_data_source", but that is deprecated:
│ Warning: Deprecated
│
│ with data.null_data_source.esf-source-path,
│ on esf.tf line 68, in data "null_data_source" "esf-source-path":
│ 68: data "null_data_source" "esf-source-path" {
│
│ The null_data_source was historically used to construct intermediate values to re-use elsewhere in configuration, the same can now be achieved using locals or the terraform_data resource type in Terraform 1.4 and later.
│
│ (and one more similar warning elsewhere)
╵
Replace it with a local variable, and make the module esf-lambda-function depend on the ESF source download so it does not cause issues with a source_path that does not exist.
Description
This PR is the pickup from this PR: https://github.com/elastic/terraform-elastic-esf/pull/1.
The linked PR does the following:
esf.tf
fileHowever, even after these changes, there were still issues with the files.
So this PR also makes the following changes:
Change 1:
The mentions to the config file were incorrect. It only pointed to the bucket. It failed with:
We need to add to update the environment variable
S3_CONFIG_FILE
to point to the right file:And also update in the permissions to avoid access denied:
Change 2:
Data "external" was replaced with data "null_data_source", but that is deprecated:
Replace it with a local variable, and make the module
esf-lambda-function
depend on the ESF source download so it does not cause issues with asource_path
that does not exist.Issues
Closes https://github.com/elastic/terraform-elastic-esf/issues/3.
Results
(Pre requisites for this: have a cloudwatch log group and S3 bucket with config.yaml file)
I tested this using a cloudwatch logs input. Example:
This file was in my S3 bucket, and I set value for variables:
Results in Discover:
To do next
We still need to remove dependencies, but this PR just tries to get this repository in a functional state.