diff --git a/modules/cloudwatch-oam-link/README.md b/modules/cloudwatch-oam-link/README.md
index 0af0f7a..fbe8dea 100644
--- a/modules/cloudwatch-oam-link/README.md
+++ b/modules/cloudwatch-oam-link/README.md
@@ -8,14 +8,14 @@ This module creates following resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.6 |
-| [aws](#requirement\_aws) | >= 4.63 |
+| [terraform](#requirement\_terraform) | >= 1.8 |
+| [aws](#requirement\_aws) | >= 5.58 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 5.51.0 |
+| [aws](#provider\_aws) | 5.58.0 |
## Modules
@@ -36,6 +36,8 @@ This module creates following resources.
| [name](#input\_name) | (Required) The name of the CloudWatch OAM link. | `string` | n/a | yes |
| [sink](#input\_sink) | (Required) The ARN of the sink to use to create this link. | `string` | n/a | yes |
| [account\_label](#input\_account\_label) | (Optional) A label to help identify your source account. In the monitoring account, the account label is displayed with data from that source account. The account label is displayed in charts and search experiences to help you identify account context. Support use following template variables. Defaults to `$AccountName`.
- `$AccountName`: Account name used to identify accounts.
- `$AccountEmail`: Email address used to identify accounts. (i.e. name@amazon.com)
- `$AccountEmailNoDomain`: Email address without domain (i.e. without @amazon.com) used to identify accounts. | `string` | `"$AccountName"` | no |
+| [log\_group\_configuration](#input\_log\_group\_configuration) | (Optional) A configuration for filtering which log groups are to send log events from the source account to the monitoring account. `log_group_configuration` as defined below.
(Optional) `filter` - Filter string that specifies which log groups are to share their log events with the monitoring account. |
object({| `{}` | no | +| [metric\_configuration](#input\_metric\_configuration) | (Optional) A configuration for filtering which metric namespaces are to be shared from the source account to the monitoring account. `log_group_configuration` as defined below.
filter = optional(string, "")
})
object({| `{}` | no | | [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no | | [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no | | [resource\_group\_enabled](#input\_resource\_group\_enabled) | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no | @@ -50,6 +52,8 @@ This module creates following resources. | [account\_label](#output\_account\_label) | A label to help identify your source account. | | [arn](#output\_arn) | The ARN of the CloudWatch OAM link. | | [id](#output\_id) | The ID of the CloudWatch OAM link. | +| [log\_group\_configuration](#output\_log\_group\_configuration) | A configuration for filtering which log groups are to send log events from the source account to the monitoring account. | +| [metric\_configuration](#output\_metric\_configuration) | A configuration for filtering which metric namespaces are to be shared from the source account to the monitoring account. | | [name](#output\_name) | The name of CloudWatch OAM link. | | [sink](#output\_sink) | The information of the sink for this link. | | [telemetry\_types](#output\_telemetry\_types) | A set of the telemetry types that the source account shares with the monitoring account. | diff --git a/modules/cloudwatch-oam-link/main.tf b/modules/cloudwatch-oam-link/main.tf index 432acc1..5baf28c 100644 --- a/modules/cloudwatch-oam-link/main.tf +++ b/modules/cloudwatch-oam-link/main.tf @@ -25,6 +25,27 @@ resource "aws_oam_link" "this" { label_template = var.account_label resource_types = var.telemetry_types + dynamic "link_configuration" { + for_each = (var.log_group_configuration.filter != "" || var.metric_configuration.filter != "") ? ["go"] : [] + + content { + dynamic "log_group_configuration" { + for_each = var.log_group_configuration.filter != "" ? [var.log_group_configuration] : [] + + content { + filter = log_group_configuration.value.filter + } + } + dynamic "metric_configuration" { + for_each = var.metric_configuration.filter != "" ? [var.metric_configuration] : [] + + content { + filter = metric_configuration.value.filter + } + } + } + } + tags = merge( { "Name" = local.metadata.name diff --git a/modules/cloudwatch-oam-link/outputs.tf b/modules/cloudwatch-oam-link/outputs.tf index 2884d17..098b760 100644 --- a/modules/cloudwatch-oam-link/outputs.tf +++ b/modules/cloudwatch-oam-link/outputs.tf @@ -30,3 +30,13 @@ output "telemetry_types" { description = "A set of the telemetry types that the source account shares with the monitoring account." value = aws_oam_link.this.resource_types } + +output "log_group_configuration" { + description = "A configuration for filtering which log groups are to send log events from the source account to the monitoring account." + value = var.log_group_configuration +} + +output "metric_configuration" { + description = "A configuration for filtering which metric namespaces are to be shared from the source account to the monitoring account." + value = var.metric_configuration +} diff --git a/modules/cloudwatch-oam-link/variables.tf b/modules/cloudwatch-oam-link/variables.tf index aa8ebe4..d7ad120 100644 --- a/modules/cloudwatch-oam-link/variables.tf +++ b/modules/cloudwatch-oam-link/variables.tf @@ -37,6 +37,30 @@ variable "telemetry_types" { } } +variable "log_group_configuration" { + description = <
filter = optional(string, "")
})