feat: 7413: upgrade Module DataDog v2.5.0

bolanlesd · bolanlesd · commit 28cd26344af1 · 2021-10-22T21:08:42.000+01:00
diff --git a/main.tf b/main.tf
@@ -59,6 +59,7 @@ resource "aws_iam_policy" "datadog-core" {
         "apigateway:GET",
         "autoscaling:Describe*",
         "budgets:ViewBudget",
+        "cloudformation:DetectStack*",
         "cloudfront:GetDistributionConfig",
         "cloudfront:ListDistributions",
         "cloudtrail:DescribeTrails",
@@ -76,6 +77,7 @@ resource "aws_iam_policy" "datadog-core" {
         "ec2:Describe*",
         "ec2:DescribeInstanceStatus",
         "ec2:DescribeInstances",
+        "ecs:Describe*",
         "ecs:List*",
         "elasticache:Describe*",
         "elasticache:List*",
@@ -88,6 +90,7 @@ resource "aws_iam_policy" "datadog-core" {
         "es:ListTags",
         "es:ListDomainNames",
         "es:DescribeElasticsearchDomains",
+        "fsx:DescribeFileSystems",
         "health:DescribeEvents",
         "health:DescribeEventDetails",
         "health:DescribeAffectedEntities",
@@ -104,6 +107,7 @@ resource "aws_iam_policy" "datadog-core" {
         "logs:PutSubscriptionFilter",
         "logs:DeleteSubscriptionFilter",
         "logs:DescribeSubscriptionFilters",
+        "organizations:DescribeOrganization",
         "rds:Describe*",
         "rds:List*",
         "redshift:DescribeClusters",
@@ -141,3 +145,9 @@ resource "aws_iam_role_policy_attachment" "datadog-core-attach" {
   role       = aws_iam_role.datadog-integration[0].name
   policy_arn = aws_iam_policy.datadog-core[0].arn
 }
+
+resource "aws_iam_role_policy_attachment" "datadog-core-attach-extras" {
+  for_each   = toset(var.extra_policy_arns)
+  role       = aws_iam_role.datadog-integration[0].name
+  policy_arn = each.value
+}
diff --git a/vars.tf b/vars.tf
@@ -49,7 +49,7 @@ variable "env" {
 }
 variable "account_specific_namespace_rules" {
   description = "account_specific_namespace_rules argument for datadog_integration_aws resource"
-  type        = map
+  type        = map(any)
   default     = {}
 }
 variable "elb_logs_bucket_prefix" {
@@ -66,7 +66,7 @@ variable "log_exclude_at_match" {
 variable "dd_forwarder_template_version" {
   description = "Sets Datadog Forwarder version to use"
   type        = string
-  default     = "3.17.0"
+  default     = "3.27.0"
 }
 
 variable "dd_forwarder_dd_site" {
@@ -86,3 +86,9 @@ variable "filter_tags" {
   type        = list(string)
   default     = []
 }
+
+variable "extra_policy_arns" {
+  description = "Extra policy arns to attach to the datadog-integration-role"
+  type        = list(string)
+  default     = []
+}
