terraform tf
# Declare which provider plugin this configuration needs and where to get it.
# NOTE(review): commit the generated .terraform.lock.hcl alongside this file so
# every run installs the same provider build, verified by checksum.
terraform {
  required_providers {
    aws = {
      version = "~> 3.0" # any 3.x release, never 4.0 or later
      source  = "hashicorp/aws"
    }
  }
}
# AWS provider settings: everything in this file is created in us-east-1.
provider "aws" {
  # shared_credentials_file is deliberately not set, so the provider reads the
  # default credentials path created in an earlier step. Keeping access keys
  # out of this block keeps them out of version control.
  region = "us-east-1"
}
# Customer-managed IAM policy for shipping Linux logs to CloudWatch Logs.
#
# The first statement allows creating log groups and log streams and listing
# streams; the second allows writing events into a stream. Both are limited to
# us-east-1 in account 104530835947, but the "*" wildcards match every log
# group (and every stream inside it) in that account and region.
#
# NOTE(review): if the agent only writes to a known set of log groups, name
# them in the Resource ARNs instead of "*", so a host holding this policy
# cannot create or write into unrelated log groups.
# NOTE(review): this resource only defines the policy; no role or instance
# profile attachment is visible in this listing.
resource "aws_iam_policy" "policy" {
  name        = "pol-CloudWatch-LinuxLogs"
  path        = "/"
  description = "for linux log mgmt"

  # jsonencode() renders the object below as the JSON policy document.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid    = "VisualEditor0"
        Effect = "Allow"
        Action = [
          "logs:CreateLogStream",
          "logs:DescribeLogStreams",
          "logs:CreateLogGroup",
        ]
        Resource = "arn:aws:logs:us-east-1:104530835947:log-group:*"
      },
      {
        Sid      = "VisualEditor1"
        Effect   = "Allow"
        Action   = "logs:PutLogEvents"
        Resource = "arn:aws:logs:us-east-1:104530835947:log-group:*:log-stream:*"
      },
    ]
  })
}
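# Install the CloudWatch Logs agent package.
sudo yum install awslogs

# Edit the agent configuration. The file lives under /etc, so a plain `vim`
# as an unprivileged user cannot save it; sudoedit edits a temporary copy as
# the calling user and installs the result with root privileges.
sudoedit /etc/awslogs/awslogs.conf
# add stanza for /var/log/secure, for example (the log group and stream names
# below are sample values, not taken from this setup):
#   [/var/log/secure]
#   file = /var/log/secure
#   log_group_name = /var/log/secure
#   log_stream_name = {instance_id}
#   datetime_format = %b %d %H:%M:%S
# /var/log/secure holds authentication records (sshd, sudo), so limit who can
# read the destination log group and set a retention period on it.

# Start the agent now, then register it to start on every boot.
sudo service awslogsd start
sudo systemctl enable awslogsd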
``