Overview

Connecting Sym audit logs to Datadog is a similar process to New Relic, abstracted with a datadog-connector module that provisions a Kinesis Firehose configured to pipe logs to Datadog.

To provide the Sym Runtime with access to the resources created in this Connector, use the aws/kinesis-firehose addon in the runtime-connector module.

🚧

Security Note

The datadog_access_key variable is sensitive. Be sure to manage this value in an environment variable or a tfvars file that is excluded from version control. For example, export TF_VAR_datadog_access_key="my-access-key".

Example

module "datadog_connector" {
  source  = "terraform.symops.com/symopsio/datadog-connector/sym"
  version = ">= 1.0.0"

  environment = "prod"
  datadog_access_key = var.sensitive_access_key
}

API Reference

Outputs

Inputs

Required Inputs

The following input variables are required:

datadog_access_key

Description: Secret used by the Firehose to send logs to Datadog. DO NOT check this into version control.

Type: string

environment

Description: An environment qualifier for the resources this module creates, to support a Terraform SDLC.

Type: string

Optional Inputs

The following input variables are optional (have default values):

datadog_intake_url

Description: Intake url for Datadog to consume Kinesis Firehose messages

Type: string

Default: "https://aws-kinesis-http-intake.logs.datadoghq.com/v1/input"

name_prefix

Description: A prefix for the Firehose and dependency names

Type: string

Default: ""

tags

Description: Additional tags to apply to resources.

Type: map(string)

Default: {}