I am trying to define a metric filter for my VPC flow logs and wanted the pattern to be formed by a data source result. I have defined a data source to return all ENIs of given subnets, and I want to loop over the result set and construct one metric filter for those ENIs, but the for_each is creating a metric filter for each ENI.
I can't figure out a way to adjust the code such that I can write something like
    (interfaceid=$value1 || interfaceid=$value2 || ...)
in the filter pattern. Any help will be much appreciated.
    data "aws_network_interfaces" "ENI_List" {
      filter {
        name   = "subnet-id"
        values = ["subnet-A", "subnet-B", "subnet-C"]
      }
    }
Below is my metric filter. I want to be able to use each ENI in the data.aws_network_interfaces.ENI_List.ids result set in my pattern, like below:
    resource "aws_cloudwatch_log_metric_filter" "EUN_Network_Filter" {
      # for_each over the ENI IDs creates one metric filter per ENI
      for_each       = toset(data.aws_network_interfaces.ENI_List.ids)
      name           = "EUN_DC_Network_Traffic_Monitoring"
      pattern        = "[version, accountid, (interfaceid=${each.value}), srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, logstatus=NODATA]"
      log_group_name = "VPC_Flow_Log_Group" # "${data.aws_cloudwatch_log_group.vpc_flow_log_group}"
      metric_transformation {
        name      = "EUN_Network"
        namespace = "EUN_Network_Traffic"
        value     = "1"
      }
    }
Answer:
Well, you could create the following local value with a combination of formatlist and join:
    locals {
      # var.enis: the list of ENI IDs to match
      interfaceids_str = join(" || ", formatlist("interfaceid=%s", var.enis))
    }
then:
    resource "aws_cloudwatch_log_metric_filter" "EUN_Network_Filter" {
      name           = "EUN_DC_Network_Traffic_Monitoring"
      pattern        = "[version, accountid, (${local.interfaceids_str}), srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, logstatus=NODATA]"
      log_group_name = "VPC_Flow_Log_Group" # "${data.aws_cloudwatch_log_group.vpc_flow_log_group}"
      metric_transformation {
        name      = "EUN_Network"
        namespace = "EUN_Network_Traffic"
        value     = "1"
      }
    }
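
Added example, not part of the original question or answer: the same join/formatlist approach fed directly from the question's data source, split into chunks so that each pattern stays under CloudWatch Logs' 1024-character filter pattern limit when the subnets hold many ENIs. The locals `enis_per_filter`, `eni_chunks` and `eni_clauses`, the chunk size of 20 and the numeric suffix on the filter name are assumptions made for this illustration.

```hcl
# Added example (not from the thread). Same data source as in the question.
data "aws_network_interfaces" "ENI_List" {
  filter {
    name   = "subnet-id"
    values = ["subnet-A", "subnet-B", "subnet-C"]
  }
}

locals {
  # Assumed chunk size: 20 terms like "interfaceid=eni-<17 hex chars>" joined
  # by " || " plus the fixed fields stay below the 1024-character limit.
  enis_per_filter = 20

  # sort() keeps chunk membership stable between plans; an empty result
  # yields no chunks, so no filter with an empty "()" clause is created.
  eni_chunks = chunklist(sort(data.aws_network_interfaces.ENI_List.ids), local.enis_per_filter)

  # chunk index => "interfaceid=eni-a || interfaceid=eni-b || ..."
  eni_clauses = {
    for idx, chunk in local.eni_chunks :
    tostring(idx) => join(" || ", formatlist("interfaceid=%s", chunk))
  }
}

resource "aws_cloudwatch_log_metric_filter" "EUN_Network_Filter" {
  for_each = local.eni_clauses

  # A filter name identifies one filter within a log group, hence the suffix.
  name           = "EUN_DC_Network_Traffic_Monitoring_${each.key}"
  pattern        = "[version, accountid, (${each.value}), srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, logstatus=NODATA]"
  log_group_name = "VPC_Flow_Log_Group"

  # Every chunk publishes to the same metric; a flow log record carries one
  # interface ID, so it matches at most one chunk and is counted once.
  metric_transformation {
    name      = "EUN_Network"
    namespace = "EUN_Network_Traffic"
    value     = "1"
  }
}
```

With 20 or fewer ENIs this produces a single filter, which is the result the question asks for; alarms on `EUN_Network` keep working unchanged as the ENI count grows past one chunk.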