Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Documentation] Add reference to ESF terraform #730

Merged
merged 3 commits into from
Jul 2, 2024
Merged
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 14 additions & 6 deletions docs/en/aws-deploy-elastic-serverless-forwarder.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,7 @@ To deploy Elastic Serverless Forwarder, you have to:
[discrete]
[[aws-serverless-forwarder-deploy-prereq]]
== Prerequisites
This documentation assumes you have some familiarity with {aws} services and you have correctly created and configured the necessary {aws} objects. For example, if you want to use an Amazon S3 (via SQS event notifications) input then you must ensure that you have enabled AWS VPC flow logs to be sent to that bucket, and created an SQS queue to receive those logs. For more information, refer to the relevant https://docs.aws.amazon.com/[{aws} docs].
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am removing this because it does not read right. There are other forms to get logs in S3.


This documentation assumes you have some familiarity with {aws} services, and you have correctly created and configured the necessary {aws} objects.
// Need more details on pre-reqs for other input types

NOTE: This page describes the basic steps required to deploy Elastic Serverless
Expand Down Expand Up @@ -180,6 +179,8 @@ inputs:
ssl_assert_fingerprint: "22:F7:FB:84:1D:43:3E:E7:BB:F9:72:F3:D8:97:AD:7C:86:E3:08:42" #optional
----

WARNING: All versions up to 1.14.0 (included) only allow one output per type. So if the `output.type` chosen by a user is `elasticsearch`, then the user can only configure one output for it.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding this warning. See related issue: #721.


[discrete]
[[s3-config-file-fields]]
=== Fields
Expand Down Expand Up @@ -210,7 +211,7 @@ The type of the forwarding target output. Currently only the following outputs a
* `elasticsearch`
* preview:[] `logstash`

If {ls} is chosen as an output, Elastic Serverless Forwarder expects the {logstash-ref}/plugins-inputs-elastic_serverless_forwarder.html[`elastic_serverless_forwarder`] Logstash input to be installed, enabled, and properly configured. For more information about installing Logstash plugins, refer to the {logstash-ref}/working-with-plugins.html#installing-plugins[Logstash documentation].
Each type can only be used for a maximum of one output up to and including 1.14.0 version. If {ls} is chosen as an output, Elastic Serverless Forwarder expects the {logstash-ref}/plugins-inputs-elastic_serverless_forwarder.html[`elastic_serverless_forwarder`] Logstash input to be installed, enabled, and properly configured. For more information about installing Logstash plugins, refer to the {logstash-ref}/working-with-plugins.html#installing-plugins[Logstash documentation].

`inputs.[].outputs.[].args`:
Custom init arguments for the specified forwarding target output.
Expand Down Expand Up @@ -295,6 +296,13 @@ If the Elastic Serverless Forwarder is attached to a VPC, you need to https://do

NOTE: Refer to the {cloud}/ec-traffic-filtering-vpc.html[AWS PrivateLink traffic filters] documentation to find your VPC endpoint ID and the hostname to use in the `config.yml` in order to access your Elasticsearch cluster over PrivateLink.

[discrete]
[[aws-serverless-forwarder-deploy-terraform]]
== Deploy Elastic Serverless Forwarder from Terraform

The terraform files to deploy ESF can be found in https://github.com/elastic/terraform-elastic-esf[`esf-terraform` repository]. There are two requirements to deploy these files: https://curl.se/download.html[curl] and https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli[terraform]. Refer to the https://github.com/elastic/terraform-elastic-esf/blob/main/README.md[README file] to learn how to use it.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am leaving this section purposely short. There is documentation in the README file and I want to avoid having to maintain two different documents for the same thing.

In the future, I would suggest creating a tutorial documentation on how to get logs similarly to ESF tutorial.



[discrete]
[[aws-serverless-forwarder-deploy-sar]]
== Deploy Elastic Serverless Forwarder from SAR
Expand All @@ -303,7 +311,7 @@ There are several deployment methods available via the {aws} Serverless Applicat

* <<aws-serverless-forwarder-deploy-console>>
* <<aws-serverless-forwarder-deploy-cloudformation>>
* <<aws-serverless-forwarder-deploy-terraform>>
* <<aws-serverless-forwarder-deploy-sar-terraform>>

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@constanca-m Double checking that this renaming has been done to avoid confusion with the "real" Terraform option we are adding ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but mainly because build_docs fails with two IDs that are the same:

INFO:build_docs:
INFO:build_docs:asciidoctor: WARNING: aws-deploy-elastic-serverless-forwarder.asciidoc: line 401: id assigned to block already in use: aws-serverless-forwarder-deploy-terraform


NOTE: To deploy the forwarder directly without using SAR, refer to <<aws-serverless-forwarder-direct-deploy>>

Expand Down Expand Up @@ -389,8 +397,8 @@ aws serverlessrepo list-application-versions --application-id arn:aws:serverless
NOTE: Starting from **v1.4.0**, if you want to update the Events settings for the forwarder, you do not need to manually delete existing settings before applying new settings.

[discrete]
[[aws-serverless-forwarder-deploy-terraform]]
=== Deploy using Terraform
[[aws-serverless-forwarder-deploy-sar-terraform]]
=== Deploy the SAR using Terraform
constanca-m marked this conversation as resolved.
Show resolved Hide resolved

. Save the following yaml content as `sar-application.tf` and fill in the correct parameters according to <<aws-serverless-forwarder-define-deploy-parameters>>:
+
Expand Down
Loading