https://github.com/geekcell/terraform-aws-datadog-integration
Terraform AWS Module for provisioning various Datadog integrations.
https://github.com/geekcell/terraform-aws-datadog-integration
aws datadog logging monitoring terraform terraform-module
Last synced: 3 months ago
JSON representation
Terraform AWS Module for provisioning various Datadog integrations.
- Host: GitHub
- URL: https://github.com/geekcell/terraform-aws-datadog-integration
- Owner: geekcell
- License: apache-2.0
- Created: 2023-02-22T10:59:21.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-03-27T09:30:19.000Z (over 2 years ago)
- Last Synced: 2025-03-01T18:48:52.129Z (over 1 year ago)
- Topics: aws, datadog, logging, monitoring, terraform, terraform-module
- Language: HCL
- Homepage: https://www.geekcell.io
- Size: 39.1 KB
- Stars: 0
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://www.geekcell.io/)
### Code Quality
[](https://github.com/geekcell/terraform-aws-datadog-integration/blob/master/LICENSE)
[](https://github.com/geekcell/terraform-aws-datadog-integration/releases)
[](https://github.com/geekcell/terraform-aws-datadog-integration/actions/workflows/release.yaml)
[](https://github.com/geekcell/terraform-aws-datadog-integration/actions/workflows/validate.yaml)
[](https://github.com/geekcell/terraform-aws-datadog-integration/actions/workflows/linter.yaml)
# Terraform AWS DataDog Module
Terraform module that helps with various Datadog AWS integrations. This module consists of the Main module
for creating the AWS Integration role and the following submodules:
### Metric collection
* Metric polling (out of the box with integration role)
* [Metric streams with Kinesis Firehose](./modules/metric\_streams/README.md)
### Resource collection
* Cloud Security Posture Management (can be enabled via the integration role)
### [ECS Fargate Agent:](./modules/fargate\_agent/README.md)
* Scrape DB metrics for DBM
### [Log Forwarder Lambda:](./modules/log\_forwarder/README.md)
* Forward any S3 or CloudWatch logs to Datadog
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [account\_specific\_namespace\_rules](#input\_account\_specific\_namespace\_rules) | Enables or disables metric collection for specific AWS namespaces for this AWS account only. | `map(bool)` | `null` | no |
| [aws\_account\_id](#input\_aws\_account\_id) | AWS Account ID to integrate with DataDog. If left empty, the current account will be used. | `string` | `null` | no |
| [cspm\_resource\_collection\_enabled](#input\_cspm\_resource\_collection\_enabled) | If enabled, will add the Cloud Security Posture Management policy to the integration role and enable Datadog to collect the information. | `bool` | `false` | no |
| [datadog\_aws\_account\_id](#input\_datadog\_aws\_account\_id) | AWS Account ID of DataDog. | `string` | `"464622532012"` | no |
| [excluded\_regions](#input\_excluded\_regions) | An array of AWS regions to exclude from metrics collection. | `list(string)` | `null` | no |
| [filter\_tags](#input\_filter\_tags) | Array of EC2 tags (in the form key:value) defines a filter that Datadog uses when collecting metrics from EC2. Wildcards, such as ? (for single characters) and * (for multiple characters) can also be used. Only hosts that match one of the defined tags will be imported into Datadog. | `list(string)` | `null` | no |
| [host\_tags](#input\_host\_tags) | Array of tags (in the form key:value) to add to all hosts and metrics reporting through this integration. | `list(string)` | `null` | no |
| [metrics\_collection\_enabled](#input\_metrics\_collection\_enabled) | Whether Datadog collects metrics for this AWS account. | `bool` | `null` | no |
| [prefix](#input\_prefix) | Prefix that will added to created resources. | `string` | n/a | yes |
| [resource\_collection\_enabled](#input\_resource\_collection\_enabled) | Whether Datadog collects a standard set of resources from your AWS account. | `bool` | `null` | no |
| [tags](#input\_tags) | Tags to add to the created resources. | `map(any)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| [datadog\_integration\_role\_arn](#output\_datadog\_integration\_role\_arn) | The ARN of the IAM role created for Datadog to integrate with AWS. |
## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 4.36 |
| [datadog](#provider\_datadog) | >= 3.21 |
## Resources
- resource.aws_iam_role_policy_attachment.csp (main.tf#161)
- resource.datadog_integration_aws.main (main.tf#28)
- data source.aws_caller_identity.current (main.tf#20)
# Examples
### Full
```hcl
# Can be configured via ENV vars. See: https://registry.terraform.io/providers/DataDog/datadog/latest/docs#optional
provider "datadog" {}
provider "aws" {}
# Enable the basic AWS integration:
# https://docs.datadoghq.com/integrations/amazon_web_services/#aws-iam-permissions
module "integration" {
source = "../../"
prefix = "datadog-pro"
}
# Enable metric stream integration for faster metric ingestion:
# https://docs.datadoghq.com/integrations/guide/aws-cloudwatch-metric-streams-with-kinesis-data-firehose
module "metric_stream" {
source = "../../modules/metrics_firehose"
prefix = "datadog-pro"
datadog_api_key = var.datadog_api_key
}
# Deploy the log forwarder Lambda via CloudFormation:
# https://docs.datadoghq.com/logs/guide/forwarder/?tab=terraform
module "log_forwarder" {
source = "../../modules/log_forwarder"
prefix = "datadog-pro"
datadog_api_key = var.datadog_api_key
}
```