Resource "aws_pipes_pipe" | target_parameters | cloudwatch_logs_parameters

otj22 · April 24, 2024, 10:48am

Hello, I’m hoping for some guidance with an issue I’m encountering when trying to introduce CloudWatch Logs to our EventBridge Pipes deployment.

We already have our Event Brigde pipes deployment successfully deploying and everything has operational. It’s configured with a Kinesis Stream Source and Lambda Function target. I don’t think I need to go in more details on those for this question but I can if necessary.

All I’m trying to achieve is enabling logging to CloudWatch logs. This works fine via the AWS Management Console but I receive an error when introducing the cloudwatch_logs_parameters in the target_parameters Configuration Block.

cloudwatch_logs_parameters

I initially tried using an existing log stream which had been used when the logging was configured manually via the the AWS management console. I’ve using the ARN of the log group (I know this is not the “stream”) and I’ve tried using the path to the log stream.

I’ve also tried creating a new CW log group and stream from within the same TF project, referencing them as the “log_stream_name” value and still I get the same issue.

Sample 1

# extract from resource "aws_pipes_pipe"
  target_parameters {
    cloudwatch_logs_parameters {
      log_stream_name = "my-Pipes-Log-Stream-QA-eu-west-1"
    }
	
    input_template = data.template_file.EBTemplate.rendered
  }

Sample 2

# CW log/stream
resource "aws_cloudwatch_log_group" "EBPipesLogGroup" {
  name = "/aws/vendedlogs/pipes/my-Pipes-Logs-${var.base_release_type}-${var.aws_region}"
}

resource "aws_cloudwatch_log_stream" "EBPipesLogStream" {
  name           = "my-Pipes-Log-Stream-${var.base_release_type}-${var.aws_region}"
  log_group_name = aws_cloudwatch_log_group.EBPipesLogGroup.name
}

# extract from resource "aws_pipes_pipe"
...
target_parameters {
    cloudwatch_logs_parameters {
      log_stream_name = aws_cloudwatch_log_stream.EBPipesLogStream.name
    }
    input_template = data.template_file.EBPipeInputTemplateVar.rendered
  }
}

Error received:

Error: updating Amazon EventBridge Pipes Pipe (my-EB-Pipes-1): operation error Pipes: UpdatePipe, https response error StatusCode: 400, RequestID: caa27774-6304-4d17-88b9-7aab75034a0d, ValidationException: {“ValidationErrorFields”:[{“Name”:“CloudWatchLogsParameters”,“Message”:“Invalid target parameter provided for target.”}]}

otj22 · April 29, 2024, 4:02pm

I’ve going to mark this as resolved/closed.

The issue was simply that there is no terraform support for using CW Logging at the moment.

Enhancement request can be found on Github - [Enhancement]: Add logging configuration for the event bridge pipe · Issue #35216 · hashicorp/terraform-provider-aws · GitHub

Topic		Replies	Views
How to enable message extraction in the firehose cloudwatch decompression feature? AWS	3	430	November 20, 2024
Create WAFv2 logging configuration to Cloudwatch AWS	2	4224	January 20, 2022
Aws Cloudwatch log and lambda permissions AWS	0	1414	August 13, 2020
InvalidParameterException: destinationArn for vendor lambda cannot be used with Terraform hcp-terraform	0	2162	August 20, 2020
Cloudwatch log subscription filter escaping quotations issue AWS	1	1029	December 14, 2022

Resource "aws_pipes_pipe" | target_parameters | cloudwatch_logs_parameters

Related topics