-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a new Ansible role to the configuration
This Ansible role writes an AWS CloudWatch Agent configuration file when run. It offers more configurability of the log group name than is available with cisagov/ansible-role-cloudwatch-agent. It is necessary to define it here instead of enhancing the aforementioned role due to how AMIs are built and deployed in this configuration. We need to ensure that the configuration file can be modified for a given Terraform workspace regardless of whether custom AMIs are used or not.
- Loading branch information
Showing
10 changed files
with
582 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# cloudwatch_agent # | ||
|
||
An Ansible role for creating (or replacing) the AWS CloudWatch Agent | ||
configuration file. | ||
|
||
## Requirements ## | ||
|
||
None | ||
|
||
## Role Variables ## | ||
|
||
None | ||
|
||
## Dependencies ## | ||
|
||
None | ||
|
||
## Example Playbook ## | ||
|
||
Here's how to use it in a playbook: | ||
|
||
```yaml | ||
- hosts: all | ||
become: yes | ||
become_method: sudo | ||
roles: | ||
- cloudwatch_agent | ||
``` | ||
## License ## | ||
BSD | ||
## Author Information ## | ||
Shane Frasier <jeremy.frasier@beta.dhs.gov> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
cloudwatch_agent_log_group_base_name: /instance-logs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
# handlers file for cloudwatch_agent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
galaxy_info: | ||
author: VM Fusion Dev | ||
company: CISA Cyber Assessments | ||
description: Create or replace the AWS CloudWatch Agent configuration file | ||
galaxy_tags: [] | ||
license: CC0 | ||
# Our standalone Ansible roles require this Ansible version | ||
min_ansible_version: "2.10" | ||
namespace: cyhy | ||
platforms: | ||
- name: Debian | ||
versions: | ||
- stretch | ||
- buster | ||
- bullseye | ||
role_name: cloudwatch_agent | ||
|
||
dependencies: [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
--- | ||
- name: Create the CloudWatch Agent configuration | ||
ansible.builtin.template: | ||
dest: /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json | ||
mode: 0600 | ||
src: amazon-cloudwatch-agent.json.j2 |
Oops, something went wrong.