Segment
Connect Sym with your AWS Secrets Manager
Follow the AWS Secrets Manager Setup tutorial to connect your AWS Secrets Manager with the Sym Runtime.
Configure Segment Write Key
For Sym to send Logs to Segment, you will need to create a Segment Write Key and share it with Sym
Create a Python Source
You will need to add a Python Source in your Segment Workspace for Sym's logs.
In the Sources tab, click "Add Source", and create a Python Source. Name it appropriately (e.g. Sym Audit Logs
Share Segment Write Key with Sym
Follow the Share Secrets with the Sym Runtime tutorial to share your credentials. We recommend using the plain style secret.
# Note: This example snippet shows only the Segment specific resources.
# aws secretsmanager put-secret-value --secret-id "main/segment-write-key" --secret-string "YOUR-SEGMENT-WRITE-KEY"
resource "aws_secretsmanager_secret" "segment_write_key" {
name = "main/segment-write-key"
description = "Segment Write Key for Sym Audit Logs"
tags = {
# This SymEnv tag is required and MUST match the `environment` in your `runtime-connector` module
# because the aws/secretsmgr only grants access to secrets tagged with a matching SymEnv value
SymEnv = "main"
}
}
resource "sym_secret" "segment_write_key" {
# `sym_secrets` is defined in "Manage Secrets with AWS Secrets Manager"
source_id = sym_secrets.this.id
path = aws_secretsmanager_secret.segment_write_key.name
}
Add a Segment Integration
Define a sym_integration
resource with type = segment
. This integration will specify the Segment write key, will be used in the Segment Log Destination configuration
external_id
: Your Segment Workspace namewrite_key_secret
: A required setting which must be set to the ID of asym_secret
referencing your Segment write key
resource "sym_integration" "segment" {
type = "segment"
name = "main-segment-integration"
# Your Segment Workspace name
external_id = "sym-test"
settings = {
# This secret was defined in the previous step
write_key_secret = sym_secret.segment_write_key.id
}
}
Add a Log Destination
Define a sym_log_destination
resource with type = segment
.
integration_id
: Thesegment
Integration referencing your Segment write key
resource "sym_log_destination" "segment" {
type = "segment"
integration_id = sym_integration.segment.id
settings = {
# A unique name for this log destination
stream_name = "segment-main"
}
}
Add the Log Destination to your Environment
Each sym_environment
accepts a list of Log Destinations to send reporting logs to. Add the ID of the Log Destination you just defined to the log_destination_ids
list.
resource "sym_environment" "this" {
name = "main"
error_logger_id = sym_error_logger.slack.id
# Add your log destinations here
log_destination_ids = [sym_log_destination.segment.id]
integrations = {
slack_id = sym_integration.slack.id
}
}
Full Example
You can find the complete code for this example in our Segment Log Destination Example.
Updated 5 months ago