https://github.com/jblukach/flume

Ship Webhook logs to the HEC collector over HTTPS using API Gateway as a broker.
https://github.com/jblukach/flume

apigateway aws broker cdk cloudformation hec lambda log python webhook

Last synced: 3 months ago
JSON representation

Ship Webhook logs to the HEC collector over HTTPS using API Gateway as a broker.

• Host: GitHub
• URL: https://github.com/jblukach/flume
• Owner: jblukach
• License: apache-2.0
• Created: 2025-02-09T01:30:26.000Z (3 months ago)
• Default Branch: main
• Last Pushed: 2025-02-09T18:26:31.000Z (3 months ago)
• Last Synced: 2025-02-09T19:29:16.719Z (3 months ago)
• Topics: apigateway, aws, broker, cdk, cloudformation, hec, lambda, log, python, webhook
• Language: Python
• Homepage: https://4n6ir.com
• Size: 17.6 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# flume

What happens when Infrastructure as Code (IaC) is all written in a specific technology, but the pipeline is unavailable for deployments? Security teams do not have a choice requiring an alternative option to contain cloud environments. Enter Cloud Development Kit (CDK), which can generate a stand-alone CloudFormation stack for quick deployment.  

### Objective

- Ship Webhook logs to an S3 bucket with an API Gateway broker.

### Quick Stack

1. Download ```flume.yaml```

2. Check Regions [1](https://github.com/jblukach/flume/blob/05b2a09231def1b215e5023d9eefa3d36762c278/flume.yaml#L253C36-L253C45) [2](https://github.com/jblukach/flume/blob/05b2a09231def1b215e5023d9eefa3d36762c278/flume.yaml#L272C36-L272C45) [3](https://github.com/jblukach/flume/blob/05b2a09231def1b215e5023d9eefa3d36762c278/flume.yaml#L293C36-L293C45) [4](https://github.com/jblukach/flume/blob/05b2a09231def1b215e5023d9eefa3d36762c278/flume.yaml#L313C26-L313C35)

3. Create Stack

4. Stack Name

5. API Gateway Name

6. Existing S3 Bucket Name

7. Add Tags

8. Deploy CloudFormation

9. Change Verify Token

### Broker URL

```

https://jm782ict1g.execute-api.us-east-1.amazonaws.com/prod/ingest?verify=

```

### CloudFormation

```

cdk synth --no-version-reporting --no-path-metadata --no-asset-metadata > flume.yaml

```

Delete from the ```Parameters:``` section of the ```flume.yaml``` file.

```

  BootstrapVersion:

    Type: AWS::SSM::Parameter::Value

    Default: /cdk-bootstrap/4n6ir/version

    Description: Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]

```