{"id":15867044,"url":"https://github.com/pacovk/terraform-aws-functionbeat","last_synced_at":"2025-07-31T19:32:54.667Z","repository":{"id":37953694,"uuid":"486142672","full_name":"PacoVK/terraform-aws-functionbeat","owner":"PacoVK","description":"A Terraform module for Elastic Functionbeat to ship Cloudwatch logs ","archived":false,"fork":false,"pushed_at":"2024-03-14T19:13:27.000Z","size":44,"stargazers_count":4,"open_issues_count":0,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-09T13:06:29.983Z","etag":null,"topics":["elasticstack","functionbeat","logging-and-metrics","terraform","terraform-module"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PacoVK.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-27T10:14:24.000Z","updated_at":"2023-11-10T19:31:40.000Z","dependencies_parsed_at":"2023-12-11T17:29:40.551Z","dependency_job_id":"7afeebac-60fc-4bcc-a0ab-c72b354e992e","html_url":"https://github.com/PacoVK/terraform-aws-functionbeat","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/PacoVK/terraform-aws-functionbeat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PacoVK%2Fterraform-aws-functionbeat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PacoVK%2Fterraform-aws-functionbeat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PacoVK%2Fterraform-aws-functionbeat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PacoVK%2Fterraform-aws-functionbeat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PacoVK","download_url":"https://codeload.github.com/PacoVK/terraform-aws-functionbeat/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PacoVK%2Fterraform-aws-functionbeat/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264465847,"owners_count":23612580,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["elasticstack","functionbeat","logging-and-metrics","terraform","terraform-module"],"created_at":"2024-10-05T23:40:56.261Z","updated_at":"2025-07-09T13:07:56.384Z","avatar_url":"https://github.com/PacoVK.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# README #\n\n### [DEPRECATION NOTICE] ###\nFunctionbeat has been deprecated in favor to the new [Elastic Serverless Forwarder](https://www.elastic.co/guide/en/esf/current/aws-elastic-serverless-forwarder.html). Fortunately, Elastic Serverless Forwarder ships with a [Terraform deployment capability](https://www.elastic.co/guide/en/esf/current/aws-deploy-elastic-serverless-forwarder.html#aws-serverless-forwarder-deploy-terraform). \nThis module will **stay maintained, but no additional features** will be added.\n\n\u003e INFO: AWS deprecated the golang runtime. This module now uses the alternative way to run go binaries using `provided.al2` runtime. This requires a Functionbeat version of at least `8.12.1`.\nIf you need to run a prior version you must use module version \u003c 3.x. The full `provided.al2` runtime was heavily supported by [lutz108](https://github.com/lutz108)!\n\n## What is this module for? ##\n\nTerraform wrapper module to ship Cloudwatch Logs to Kibana via Functionbeat. See [official Docs](https://www.elastic.co/guide/en/beats/functionbeat/current/index.html). \u003cbr/\u003e\nThe official Functionbeat is based on Cloudformation and also ships with a deployment CLI. If you prefer to stick to Terraform you cannot use Functionbeat alongside your infrastructure code base. This module wrapps the base function to package the Functionbeat lambda and actually deploys via Terraform. \n\n## Requirements ##\nSince this module executes a script ensure your machine has the following software available:\n* jq\n* curl\n* tar\n* zip\n* unzip\n\n### Running under Alpine ###\n:information_source: \nThe Functionbeat installer is not compatible with Alpine, due to missing libc. To be able to use this module on Alpine,\neg. in a CI pipeline, you need to provide the missing dependencies. \nYou can install libc6-compat using ``apk add --no-cache libc6-compat``. \n\n## Simple example ##\n\nFor detailed example please refer to this [blog post](https://medium.com/@pascal-euhus/terraform-functionbeat-e481554d729e) using Elasticsearch output\nPlease note that output to Logstash is also possible, but in this example we\nuse Elasticsearch.\n\n````terraform\nresource \"aws_security_group\" \"functionbeat_securitygroup\" {\n name = \"Functionbeat\"\n vpc_id = data.aws_vpc.vpc.id\n\n egress {\n from_port = 443\n protocol = \"tcp\"\n to_port = 443\n description = \"HTTPS\"\n cidr_blocks = [\"0.0.0.0/0\"]\n }\n}\n\nmodule \"functionbeat\" {\n source = \"git::ssh://git@github.com:PacoVK/functionbeat.git\"\n\n application_name = \"crazy-test-application\"\n functionbeat_version = \"7.17.1\"\n lambda_config = {\n name = \"my-kibana-exporter\"\n\n vpc_config = {\n vpc_id = data.aws_vpc.vpc.id\n subnet_ids = data.aws_subnets.private.ids\n security_group_ids = [aws_security_group.functionbeat_securitygroup.id]\n }\n\n output_elasticsearch = {\n hosts : [\"https://your-endpoint:443\"]\n protocol : \"https\"\n username : \"elastic\"\n password : \"mysupersecret\"\n }\n }\n}\n````\n\n## Advanced example ##\n\nHead over to `example/elasticsearch/elasticsearch.tf` or `example/logstash/logstash.tf` to get an more advanced example.\n\n## Usage ##\n\n| Parameter | Required | Description |\n|--------------------------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------|\n| application_name | X | Name of the application to ship the logs from |\n| functionbeat_version | X | Version to download and deploy of Functionbeat |\n| lambda_config | X | Functionbeat and Lambda config (see below) |\n| tags | - | Tags to add to all created AWS resources (see below) |\n| lambda_reserved_concurrent_execution | - | Reserved concurrency (default: 5) |\n| lambda_memory_size | - | Memory size (default: 128MB) |\n| lambda_timeout | - | Timeout (default: 3s) |\n| lambda_description | - | Description added to the Lambda (default: \"Lambda function to ship cloudwatch logs to Kibana\") |\n| lambda_write_arn_to_ssm | - | Switch to control weather the actual Lambda ARN should be written to SSM (default:true) |\n| fb_log_level | - | Functionbeat loglevel, will be set as an ENV on the Lambda level for easy adjustion (default: info) |\n| fb_extra_configuration | - | HCL-Map with actual Functionbeat config (default: {}) |\n| fb_extra_tags | - | The tags of the shipper are included in their own field with each transaction published (default: []) |\n| loggroup_name | - | Name of the Cloudwatch log group to be added as trigger for the function (default: null) |\n| loggroup_filter_pattern | - | Regex pattern to filter logs which trigger the Lambda (default: \"\") |\n\n#### lambda_config (required) ####\n\nYou configure your lambda here.\n\n````\n lambda_config = {\n name = \"\u003cNAME-OF-YOUR-LAMBDA\u003e\"\n vpc_config = {\n vpc_id = \u003cTARGET-VPC\u003e\n subnet_ids = \u003cTARGET-SUBNET-IDS\u003e\n security_group_ids = [\u003cA-SECURITYGROUP-ID\u003e]\n }\n # You can put any HCL-Map with valid Functionbeat config for Elasticsearch Output \n output_elasticsearch = {\n hosts = [\"https://your-endpoint:443\"]\n protocol = \"https\"\n username = \"elastic\"\n password = \"mysupersecret\"\n }\n }\n````\n\n## Converting YAML into HCL ##\n\nYou easily extend the Functionbeat reference by setting `fb_extra_configuration`. Just head over to the [official Documentation](https://www.elastic.co/guide/en/beats/functionbeat/7.17/functionbeat-reference-yml.html). To ease you life make use of the online [YAML to HCL](https://www.hcl2json.com/) converter to translate from YAML to valid HCL.\n\nExample:\n```yaml\nprocessors:\n - add_fields:\n target: project\n fields:\n name: myproject\n id: '574734885120952459'\n```\nbecomes\n```terraform\nprocessors = [\n {\n add_fields = {\n fields = {\n id = \"574734885120952459\"\n name = \"myproject\"\n }\n target = \"project\"\n }\n }\n]\n```\nwhich results in the following module configuration\n```terraform\nfb_extra_configuration = {\n processors = [\n {\n add_fields = {\n fields = {\n id = \"574734885120952459\"\n name = \"myproject\"\n }\n target = \"project\"\n }\n }\n ]\n}\n```\n\n## Outputs ##\nThis module exposes: \n* the functionbeat lambda ARN\n* if `lambda_write_arn_to_ssm` is set to `true`, the name of the actual created SSM parameter\n\n## Just get ahead for quick test ## \n\n*Requirement*\n* Setup AWS config locally\n* Setup Terraform cli\n\nIn ``examples/`` there is an advanced example.\nSimply checkout the module source and\n```shell\ncd examples/elasticsearch\nterrafrom init\nterraform apply -auto-approve\n```\nClean up after you're done\n```shell\nterraform destroy -auto-approve\n```\n\n## Integrate with serverless framework ##\nYou can easily attach cloudwatchlog groups of your [serverless](https://www.serverless.com/) application, just by using the [serverless-plugin-log-subscription](https://www.serverless.com/plugins/serverless-plugin-log-subscription).\n1. Use this module and install the Lambda, ensure `lambda_write_arn_to_ssm` is set to `true`, which is default.\n```terraform\nmodule \"functionbeat\" {\n lambda_config = {\n name = \"my-kibana-log-shipper\"\n ...\n}\n```\n2. To attach all your Lambdas logs for your Serverless application add the following plugin config into your `serverless.yml`\n```yaml\ncustom:\n logSubscription:\n enabled: true\n destinationArn: '${ssm:my-kibana-log-shipper_arn}'\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpacovk%2Fterraform-aws-functionbeat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpacovk%2Fterraform-aws-functionbeat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpacovk%2Fterraform-aws-functionbeat/lists"}