Merge pull request #79 from SumoLogic/hpal_bucket_fix

Fixing Region bucket mapping

Author: himanshu219

.travis.yml

@@ -10,13 +10,13 @@ jobs:
     env: FUNCTION_DIR=cloudwatchlogs-with-dlq TEST_FILE=test_cwl_lambda.py NODE_VERSION="8.10"
   - stage: Node 8
     node_js: '8.10'
-    env: FUNCTION_DIR=loggroup-lambda-connector TEST_FILE=test_loggroup_lambda_connector.py NODE_VERSION="8.10"
+    env: FUNCTION_DIR=loggroup-lambda-connector/test TEST_FILE=test_loggroup_lambda_connector.py NODE_VERSION="8.10"
   - stage: Node 6
     node_js: '6.10'
     env: FUNCTION_DIR=cloudwatchlogs-with-dlq TEST_FILE=test_cwl_lambda.py NODE_VERSION="6.10"
   - stage: Node 6
     node_js: '6.10'
-    env: FUNCTION_DIR=loggroup-lambda-connector TEST_FILE=test_loggroup_lambda_connector.py NODE_VERSION="6.10"
+    env: FUNCTION_DIR=loggroup-lambda-connector/test TEST_FILE=test_loggroup_lambda_connector.py NODE_VERSION="6.10"
 before_install:
 - sudo apt-get install python-pip
 - cd $FUNCTION_DIR

cloudwatchlogs-with-dlq/DLQLambdaCloudFormation.json

@@ -30,6 +30,25 @@
         "Description": "Select true to get loggroup/logstream values in logs"
       }
     },
+    "Mappings" : {
+        "RegionMap" : {
+            "us-east-1": {"bucketname": "appdevzipfiles-us-east-1"},
+            "us-east-2": {"bucketname": "appdevzipfiles-us-east-2"},
+            "us-west-1": {"bucketname": "appdevzipfiles-us-west-1"},
+            "us-west-2": {"bucketname": "appdevzipfiles-us-west-2"},
+            "ap-south-1": {"bucketname": "appdevzipfiles-ap-south-1"},
+            "ap-northeast-2": {"bucketname": "appdevzipfiles-ap-northeast-2"},
+            "ap-southeast-1": {"bucketname": "appdevzipfiles-ap-southeast-1"},
+            "ap-southeast-2": {"bucketname": "appdevzipfiles-ap-southeast-2"},
+            "ap-northeast-1": {"bucketname": "appdevzipfiles-ap-northeast-1"},
+            "ca-central-1": {"bucketname": "appdevzipfiles-ca-central-1"},
+            "eu-central-1": {"bucketname": "appdevzipfiles-eu-central-1"},
+            "eu-west-1": {"bucketname": "appdevzipfiles-eu-west-1"},
+            "eu-west-2": {"bucketname": "appdevzipfiles-eu-west-2"},
+            "eu-west-3": {"bucketname": "appdevzipfiles-eu-west-3"},
+            "sa-east-1": {"bucketname": "appdevzipfiles-sa-east-1"}
+        }
+    },
     "Resources": {
         "SumoCWLogGroup": {
             "Type": "AWS::Logs::LogGroup",
@@ -176,7 +195,7 @@
             "Properties": {
                 "FunctionName": { "Fn::Join": [ "-", [ "SumoCWLogsLambda", { "Fn::Select" : [ "2", {"Fn::Split" : [ "/" , { "Ref": "AWS::StackId" } ]}] } ] ] },
                 "Code": {
-                    "S3Bucket": {"Fn::Join": ["", ["appdevzipfiles-", { "Ref" : "AWS::Region" }] ] },
+                    "S3Bucket": { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "bucketname"]},
                     "S3Key": "cloudwatchlogs-with-dlq.zip"
                 },
                 "Role": {
@@ -237,7 +256,7 @@
             "Properties": {
                 "FunctionName": { "Fn::Join": [ "-", [ "SumoCWProcessDLQLambda", { "Fn::Select" : [ "2", {"Fn::Split" : [ "/" , { "Ref": "AWS::StackId" } ]}] } ] ] },
                 "Code": {
-                    "S3Bucket": {"Fn::Join": ["", ["appdevzipfiles-", { "Ref" : "AWS::Region" }] ] },
+                    "S3Bucket": { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "bucketname"]},
                     "S3Key": "cloudwatchlogs-with-dlq.zip"
                 },
                 "Role": {
@@ -321,7 +340,8 @@
             "Description": "The ARN of the sumologic cloudwatch logs lambda",
             "Value" : { "Fn::GetAtt" : ["SumoCWLogsLambda", "Arn"] },
             "Export" : {
-                "Name" : "SumoCWLogsLambdaArn"
+                "Name" : { "Fn::Join": [ "-", [ "SumoCWLogsLambdaArn", { "Fn::Select" : [ "2", {"Fn::Split" : [ "/" , { "Ref": "AWS::StackId" } ]}] } ] ] }
+
             }
         }
     }

loggroup-lambda-connector/Readme.md

@@ -1,8 +1,19 @@
-# LogGroup Lambda Connector
+# SumoLogic LogGroup Connector
 This is used to automatically subscribe newly created and existing Cloudwatch LogGroups to a Lambda function.
 
-### Creating Stack in AWS Cloudformation
-you can create the stack by using [aws-cli](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-cli-creating-stack.html) or directly from aws console using webbrowser and uploading loggroup-lambda-cft.json. For more details checkout it's [documentation](https://help.sumologic.com/?cid=39393)
+Made with ❤️ by Sumo Logic. Available on the [AWS Serverless Application Repository](https://aws.amazon.com/serverless)
+
+### Deploying the SAM Application
+    1. Open a browser window and enter the following URL: https://serverlessrepo.aws.amazon.com/applications
+    2. In the Serverless Application Repository, search for sumologic.
+    3. Select Show apps that create custom IAM roles or resource policies check box.
+    4. Click the sumologic-loggroup-connector,link, and then click Deploy.
+    5. In the Configure application parameters panel,
+        LambdaARN: "Enter ARN for target lambda function" All loggroups matching the pattern are subscribed to this function
+        LogGroupPattern: "Enter regex for matching logGroups"
+        UseExistingLogs: "Select true for subscribing existing logs"
+    6. Click Deploy.
+
 
 ### Configuring Lambda
 It has two environment variables
@@ -28,6 +39,8 @@ It has two environment variables
             ]
         ]
     }
+
+**USE_EXISTING_LOGS**: This is used for subscribing existing log groups. By setting this parameter to true and invoking the function manually, all the existing log groups matching the pattern will be subscribed to lambda function with LAMBDA_ARN as arn
 ```
 
 ### For Developers
@@ -50,4 +63,12 @@ Running the test cases
 ```
 Run the above command after building the zip file
 
+## License
+
+Apache License 2.0 (Apache-2.0)
+
+
+## Support
+Requests & issues should be filed on GitHub: https://github.com/SumoLogic/sumologic-aws-lambda/issues
+
 

loggroup-lambda-connector/loggroup-lambda-cft.json

@@ -9,8 +9,8 @@
   "devDependencies": {},
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
-    "build": "rm -f loggroup-lambda-connector.zip && zip -r loggroup-lambda-connector.zip loggroup-lambda-connector.js package.json",
-    "prod_deploy": "python -c 'from test_loggroup_lambda_connector import prod_deploy;prod_deploy()'"
+    "build": "echo `pwd` && rm -f test/loggroup-lambda-connector.zip && zip -r test/loggroup-lambda-connector.zip src/loggroup-lambda-connector.js package.json",
+    "prod_deploy": "python -c 'from test.test_loggroup_lambda_connector import prod_deploy;prod_deploy()'"
   },
   "keywords": [
     "AWS"

loggroup-lambda-connector/package.json

@@ -0,0 +1,82 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: '"Lambda Function for automatic subscription of any Sumo Logic lambda
+  function with loggroups matching an input pattern."
+
+  '
+Globals:
+  Function:
+    MemorySize: 128
+    Timeout: 300
+Outputs:
+  SumoLogGroupLambdaConnector:
+    Description: SumoLogGroupLambdaConnector Function ARN
+    Value:
+      Fn::GetAtt:
+      - SumoLogGroupLambdaConnector
+      - Arn
+Parameters:
+  LambdaARN:
+    Default: arn:aws:lambda:us-east-1:123456789000:function:TestLambda
+    Description: Enter ARN for target lambda function
+    Type: String
+  LogGroupPattern:
+    Default: Test
+    Description: Enter regex for matching logGroups
+    Type: String
+  UseExistingLogs:
+    AllowedValues:
+    - 'true'
+    - 'false'
+    Default: 'false'
+    Description: Select true for subscribing existing logs
+    Type: String
+Resources:
+  SumoCWLambdaInvokePermission:
+    Properties:
+      Action: lambda:InvokeFunction
+      FunctionName:
+        Ref: LambdaARN
+      Principal:
+        Fn::Sub: logs.${AWS::Region}.amazonaws.com
+      SourceAccount:
+        Ref: AWS::AccountId
+      SourceArn:
+        Fn::Sub: arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*
+    Type: AWS::Lambda::Permission
+  SumoLogGroupLambdaConnector:
+    Properties:
+      CodeUri: s3://appdevstore/6bef113d950a9923b446dd438116f2a1
+      Environment:
+        Variables:
+          LAMBDA_ARN:
+            Ref: LambdaARN
+          LOG_GROUP_PATTERN:
+            Ref: LogGroupPattern
+          USE_EXISTING_LOG_GROUPS:
+            Ref: UseExistingLogs
+      Events:
+        LambdaTrigger:
+          Properties:
+            Pattern:
+              detail:
+                eventName:
+                - CreateLogGroup
+                eventSource:
+                - logs.amazonaws.com
+              source:
+              - aws.logs
+          Type: CloudWatchEvent
+      Handler: loggroup-lambda-connector.handler
+      Policies:
+      - Statement:
+        - Action:
+          - logs:DescribeLogGroups
+          - logs:DescribeLogStreams
+          - logs:PutSubscriptionFilter
+          Effect: Allow
+          Resource:
+          - Fn::Sub: arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:*
+          Sid: ReadWriteFilterPolicy
+      Runtime: nodejs8.10
+    Type: AWS::Serverless::Function
+Transform: AWS::Serverless-2016-10-31

loggroup-lambda-connector/sam/packaged.yaml

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ "$AWS_PROFILE" == "prod" ]
+then
+    SAM_S3_BUCKET="appdevstore"
+    AWS_REGION="us-east-1"
+else
+    SAM_S3_BUCKET="cf-templates-5d0x5unchag-us-east-2"
+    AWS_REGION="us-east-2"
+fi
+sam package --template-file template.yaml --s3-bucket $SAM_S3_BUCKET  --output-template-file packaged.yaml
+
+sam deploy --template-file packaged.yaml --stack-name testingloggrpconnector --capabilities CAPABILITY_IAM --region $AWS_REGION  --parameter-overrides LambdaARN="arn:aws:lambda:us-east-1:956882708938:function:AccessVPCResourcesLambda"
+#aws cloudformation describe-stack-events --stack-name testingloggrpconnector --region $AWS_REGION
+#aws cloudformation get-template --stack-name testingloggrpconnector  --region $AWS_REGION
+# aws serverlessrepo create-application-version --region us-east-1 --application-id arn:aws:serverlessrepo:us-east-1:$AWS_ACCOUNT_ID:applications/sumologic-securityhub-connector --semantic-version 1.0.1 --template-body file://packaged.yaml