bug: fix datadog IAM policy to prevent numerous CloudTrail errors for v2 #35
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jim80net
approved these changes
Aug 17, 2021
github-actions bot
pushed a commit
that referenced
this pull request
Aug 17, 2021
## [2.3.1](v2.3.0...v2.3.1) (2021-08-17) ### Bug Fixes * Merge pull request [#35](#35) from scribd/taylorsmcclure/fix-iam-policy-v2 ([7bf7868](7bf7868))
|
🎉 This PR is included in version 2.3.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
bcha
added a commit
to bcha/terraform-aws-datadog
that referenced
this pull request
Aug 20, 2021
* feat: changes dd lambda default version from v3.17.0 to v3.27.0 change the datadog lambda forwarder version from v3.17.0 to v3.27.0. There are many feature improvements in this version such as the support for SNS topic subscriptions for S3 bucket events * fix: Add missing cloudwatch:ListMetrics access for AWS integration (scribd#27) * chore(release): 2.0.1 [skip ci] ## [2.0.1](scribd/terraform-aws-datadog@v2.0.0...v2.0.1) (2021-01-22) ### Bug Fixes * Add missing cloudwatch:ListMetrics access for AWS integration ([scribd#27](scribd#27)) ([f7c80c2](scribd@f7c80c2)) * chore(release): 2.1.0 [skip ci] # [2.1.0](scribd/terraform-aws-datadog@v2.0.1...v2.1.0) (2021-03-16) ### Features * changes dd lambda default version from v3.17.0 to v3.27.0 ([8e455a8](scribd@8e455a8)) * feat: enable support for terraform 0.14 * chore(release): 2.2.0 [skip ci] # [2.2.0](scribd/terraform-aws-datadog@v2.1.0...v2.2.0) (2021-03-19) ### Features * enable support for terraform 0.14 ([c65a0d0](scribd@c65a0d0)) * feat: enable support for Terraform 1.0 (scribd#32) * chore(release): 2.3.0 [skip ci] # [2.3.0](scribd/terraform-aws-datadog@v2.2.0...v2.3.0) (2021-07-14) ### Features * enable support for Terraform 1.0 ([scribd#32](scribd#32)) ([5410502](scribd@5410502)) * bug: fix datadog IAM policy to prevent numerous CloudTrail errors for v2 * chore(release): 2.3.1 [skip ci] ## [2.3.1](scribd/terraform-aws-datadog@v2.3.0...v2.3.1) (2021-08-17) ### Bug Fixes * Merge pull request [scribd#35](scribd#35) from scribd/taylorsmcclure/fix-iam-policy-v2 ([7bf7868](scribd@7bf7868)) Co-authored-by: Taylor McClure <taylor@scribd.com> Co-authored-by: Rusty Chain <rchain@axs.com> Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net> Co-authored-by: Jim Park <jimp@scribd.com> Co-authored-by: Andrew Wiggins <59580098+andrew-wiggins@users.noreply.github.com>
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
There are actions the DataDog lambda does not have access to. This causes noise via numerous CloudTrail errors for your AWS accounts.
Solution
Make the DataDog policy more permissive, but only with the actions that are producing the errors.