schubergphilis/terraform-azure-mcaf-datadog-forwarder

Requirements

| Name | Version |
| --- | --- |
| terraform | >= 1.8 |
| azuread | ~> 2.53 |
| azurerm | ~> 4.0 |
| datadog | ~> 3.0 |

Providers

| Name | Version |
| --- | --- |
| azurerm | ~> 4.0 |

Modules

| Name | Source | Version |
| --- | --- | --- |
| storage_account | github.com/schubergphilis/terraform-azure-mcaf-storage-account.git | v0.7.2 |

Resources

| Name | Type |
| --- | --- |
| azurerm_application_insights.appr_appi | resource |
| azurerm_eventhub.this | resource |
| azurerm_eventhub_authorization_rule.this | resource |
| azurerm_eventhub_consumer_group.this | resource |
| azurerm_eventhub_namespace.this | resource |
| azurerm_eventhub_namespace_authorization_rule.this | resource |
| azurerm_eventhub_namespace_customer_managed_key.this | resource |
| azurerm_linux_function_app.this | resource |
| azurerm_role_assignment.ehns_datadog_mid | resource |
| azurerm_role_assignment.func_datadog_mid_eventhub | resource |
| azurerm_role_assignment.func_datadog_mid_keyvault | resource |
| azurerm_role_assignment.func_datadog_mid_sta_blob | resource |
| azurerm_role_assignment.func_datadog_mid_sta_file | resource |
| azurerm_role_assignment.func_datadog_mid_sta_queue | resource |
| azurerm_role_assignment.func_datadog_mid_sta_table | resource |
| azurerm_role_assignment.security_provider | resource |
| azurerm_role_assignment.sta_datadog_mid | resource |
| azurerm_role_assignment.this | resource |
| azurerm_storage_container.this | resource |
| azurerm_user_assigned_identity.ehns_datadog_mid | resource |
| azurerm_user_assigned_identity.func_datadog_mid | resource |
| azurerm_user_assigned_identity.sta_datadog_mid | resource |
| azurerm_client_config.current | data source |
| azurerm_key_vault.this | data source |
| azurerm_key_vault_key.cmk_encryption_key | data source |
| azurerm_key_vault_secret.datadog_api_key | data source |

Inputs

| Name | Description | Type | Default | Required |
| --- | --- | --- | --- | --- |
| application_insights_name | The name of the Application Insights to be deployed | `string` | n/a | yes |
| ddog_storage_containers | Blob Containers to be created in the Storage Account | `set(string)` | n/a | yes |
| event_hub | The properties of the Event Hub to be deployed | `object({ namespace_name = string, sku = optional(string, "Premium"), capacity = optional(number, 2), hub_name = string, authorization_rule = string, consumer_group = string })` | n/a | yes |
| event_hub_authorization_rules | Event Hub authorization rules | `map(object({ listen = bool, send = bool, manage = bool }))` | n/a | yes |
| event_hub_consumer_groups | Event Hub consumer groups | `set(string)` | n/a | yes |
| event_hub_namespace | The properties of the Event Hub Namespace to be deployed | `object({ diagnostics_policy_authorization_rule_name = string })` | n/a | yes |
| function_app | The parameters to be used for the Function App deployment. Includes the ID of the App Service Plan to be used and the ID of the subnet for regional VNET integration | `object({ service_plan_id = string, vnet_subnet_id = string })` | n/a | yes |
| function_app_name | The name of the Function App to be deployed | `string` | n/a | yes |
| location | Location of the deployed Resources | `string` | n/a | yes |
| log_analytics_workspace_id | The resource id of the log analytics workspace to which application insights logs should be sent | `string` | n/a | yes |
| managed_identity_name | The name of the Managed Identity to be deployed | `string` | n/a | yes |
| resource_group_name | The Resource Group that will be used for the deployment | `string` | n/a | yes |
| datadog_site_hostname | Datadog site host name | `string` | `"datadoghq.eu"` | no |
| key_vault | The properties of the Key Vault to be used to store secrets | `object({ name = string, resource_group_name = string })` | `null` | no |
| key_vault_secret_cmk_key_name | n/a | `string` | `"cmkrsa"` | no |
| key_vault_secret_datadog_apikey_name | The name of the Key Vault secret containing the DataDog API key | `string` | `"datadog-api-key"` | no |
| storage_account | The configuration of the Storage Account to be deployed as storage for the Function App | `object({ name = string, public_network_access_enabled = optional(bool, false), account_tier = optional(string, "Standard"), account_replication_type = optional(string, "ZRS"), access_tier = optional(string, "Hot"), log_retention_days = optional(number, null), move_to_cold_after_days = optional(number, null), move_to_archive_after_days = optional(number, null), snapshot_retention_days = optional(number, 90), infrastructure_encryption_enabled = optional(bool, true), cmk_key_vault_id = optional(string, null), cmk_key_name = optional(string, "cmkrsa"), system_assigned_identity_enabled = optional(bool, false), user_assigned_identities = optional(list(string), []), enable_law_data_export = optional(bool, false), immutability_policy = optional(object({ state = optional(string, "Unlocked"), allow_protected_append_writes = optional(bool, true), period_since_creation_in_days = optional(number, 14) }), null) })` | `null` | no |
| tags | A map of tags to assign to the resource. | `map(string)` | `{}` | no |
| windows_azure_security_resource_provider_id | Optional: This is used to enable Defender export to Event Hub. The Windows Azure Security resource provider ID can be found under Enterprise Applications. | `string` | `null` | no |

Outputs

| Name | Description |
| --- | --- |
| eventhub_namespace_id | n/a |
| function_app_id | n/a |
| storage_account_id | n/a |

About

Implementation of DataDog forwarder
