docs: update templates (#9)

* fix: add missing permissions and fix example

* Update templates

* Update templates

Author: Ic3w0lf

.github/dependabot.yml

@@ -0,0 +1,32 @@
+---
+##############################
+## Dependabot configuration ##
+##############################
+
+#
+# Documentation:
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates
+#
+
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 0
+
+  # Maintain dependencies for Terraform Providers
+  - package-ecosystem: "terraform"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 0
+
+  # Maintain dependencies for Golang
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 0

.github/pull_request-template.md

@@ -5,10 +5,6 @@
 
 ...
 
-## How this PR fixes it
-
-...
-
 ## Readiness Checklist
 
 ### Author/Contributor

README.md

@@ -45,15 +45,15 @@ for creating the AWS Integration role and the following submodules:
 
 ### Metric collection
 * Metric polling (out of the box with integration role)
-* Metric streams with Kinesis Firehose
+* [Metric streams with Kinesis Firehose](./modules/metric\_streams/README.md)
 
 ### Resource collection
 * Cloud Security Posture Management (can be enabled via the integration role)
 
-### ECS Fargate Agent
+### [ECS Fargate Agent:](./modules/fargate\_agent/README.md)
 * Scrape DB metrics for DBM
 
-### Log Forwarder Lambda
+### [Log Forwarder Lambda:](./modules/log\_forwarder/README.md)
 * Forward any S3 or CloudWatch logs to Datadog
 
 ## Inputs
@@ -87,7 +87,7 @@ for creating the AWS Integration role and the following submodules:
 
 ## Resources
 
-- resource.aws_iam_role_policy_attachment.csp (main.tf#159)
+- resource.aws_iam_role_policy_attachment.csp (main.tf#161)
 - resource.datadog_integration_aws.main (main.tf#28)
 - data source.aws_caller_identity.current (main.tf#20)
 

main.tf

@@ -6,15 +6,15 @@
  *
  * ### Metric collection
  * * Metric polling (out of the box with integration role)
- * * Metric streams with Kinesis Firehose
+ * * [Metric streams with Kinesis Firehose](./modules/metric_streams/README.md)
  *
  * ### Resource collection
  * * Cloud Security Posture Management (can be enabled via the integration role)
  *
- * ### ECS Fargate Agent
+ * ### [ECS Fargate Agent:](./modules/fargate_agent/README.md)
  * * Scrape DB metrics for DBM
  *
- * ### Log Forwarder Lambda
+ * ### [Log Forwarder Lambda:](./modules/log_forwarder/README.md)
  * * Forward any S3 or CloudWatch logs to Datadog
  */
 data "aws_caller_identity" "current" {
@@ -40,7 +40,8 @@ resource "datadog_integration_aws" "main" {
 }
 
 module "integration_role" {
-  source = "github.com/geekcell/terraform-aws-iam-role?ref=v1.0"
+  source  = "geekcell/iam-role/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name            = local.datadog_integration_role_name
   use_name_prefix = false
@@ -63,7 +64,8 @@ module "integration_role" {
 }
 
 module "integration_policy" {
-  source = "github.com/geekcell/terraform-aws-iam-policy?ref=v1.0"
+  source  = "geekcell/iam-policy/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name        = "${var.prefix}-datadog-integration"
   description = "Policy for Datadog AWS Integration"

modules/fargate_agent/README.md

@@ -49,9 +49,9 @@ having to setup an EC2 instance. For more information, see: https://docs.datadog
 
 ## Resources
 
-- resource.aws_ecs_service.main (modules/fargate_agent/main.tf#44)
-- resource.aws_iam_role_policy_attachment.ecs_exec_ssm_policy (modules/fargate_agent/main.tf#96)
-- resource.aws_secretsmanager_secret.main (modules/fargate_agent/main.tf#71)
+- resource.aws_ecs_service.main (modules/fargate_agent/main.tf#46)
+- resource.aws_iam_role_policy_attachment.ecs_exec_ssm_policy (modules/fargate_agent/main.tf#99)
+- resource.aws_secretsmanager_secret.main (modules/fargate_agent/main.tf#73)
 
 # Examples
 ### Full

modules/fargate_agent/main.tf

@@ -6,7 +6,8 @@
  * having to setup an EC2 instance. For more information, see: https://docs.datadoghq.com/database_monitoring/
  */
 module "ecs_agent_container" {
-  source = "github.com/geekcell/terraform-aws-ecs-container-definition?ref=v1"
+  source  = "geekcell/ecs-container-definition/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name  = "datadog-agent"
   image = var.agent_container
@@ -26,7 +27,8 @@ module "ecs_agent_container" {
 }
 
 module "ecs_task_definition" {
-  source = "github.com/geekcell/terraform-aws-ecs-task-definition.git?ref=v1"
+  source  = "geekcell/ecs-task-definition/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name                   = var.name
   container_definitions  = [module.ecs_agent_container.hcl]
@@ -78,7 +80,8 @@ resource "aws_secretsmanager_secret" "main" {
 module "ecs_exec_ssm_policy" {
   count = length(var.secretsmanager_secret_keys) > 0 ? 1 : 0
 
-  source = "github.com/geekcell/terraform-aws-iam-policy?ref=v1"
+  source  = "geekcell/iam-policy/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name = "${var.name}-ssm-env"
   statements = [

modules/metrics_firehose/README.md

@@ -34,16 +34,16 @@ No outputs.
 
 ## Resources
 
-- resource.aws_cloudwatch_log_group.main (modules/metrics_firehose/main.tf#308)
-- resource.aws_cloudwatch_log_stream.http_endpoint (modules/metrics_firehose/main.tf#315)
-- resource.aws_cloudwatch_log_stream.s3_backup (modules/metrics_firehose/main.tf#320)
-- resource.aws_cloudwatch_metric_stream.main (modules/metrics_firehose/main.tf#103)
-- resource.aws_kinesis_firehose_delivery_stream.main (modules/metrics_firehose/main.tf#257)
-- resource.aws_s3_bucket.main (modules/metrics_firehose/main.tf#328)
-- resource.aws_s3_bucket_acl.main (modules/metrics_firehose/main.tf#334)
-- resource.aws_s3_bucket_lifecycle_configuration.main (modules/metrics_firehose/main.tf#358)
-- resource.aws_s3_bucket_policy.main (modules/metrics_firehose/main.tf#371)
-- resource.aws_s3_bucket_public_access_block.main (modules/metrics_firehose/main.tf#339)
-- resource.aws_s3_bucket_versioning.main (modules/metrics_firehose/main.tf#348)
-- data source.aws_iam_policy_document.main (modules/metrics_firehose/main.tf#378)
+- resource.aws_cloudwatch_log_group.main (modules/metrics_firehose/main.tf#312)
+- resource.aws_cloudwatch_log_stream.http_endpoint (modules/metrics_firehose/main.tf#319)
+- resource.aws_cloudwatch_log_stream.s3_backup (modules/metrics_firehose/main.tf#324)
+- resource.aws_cloudwatch_metric_stream.main (modules/metrics_firehose/main.tf#107)
+- resource.aws_kinesis_firehose_delivery_stream.main (modules/metrics_firehose/main.tf#261)
+- resource.aws_s3_bucket.main (modules/metrics_firehose/main.tf#332)
+- resource.aws_s3_bucket_acl.main (modules/metrics_firehose/main.tf#338)
+- resource.aws_s3_bucket_lifecycle_configuration.main (modules/metrics_firehose/main.tf#362)
+- resource.aws_s3_bucket_policy.main (modules/metrics_firehose/main.tf#375)
+- resource.aws_s3_bucket_public_access_block.main (modules/metrics_firehose/main.tf#343)
+- resource.aws_s3_bucket_versioning.main (modules/metrics_firehose/main.tf#352)
+- data source.aws_iam_policy_document.main (modules/metrics_firehose/main.tf#382)
 <!-- END_TF_DOCS -->

modules/metrics_firehose/main.tf

@@ -6,7 +6,8 @@
  * for more information.
  */
 module "firehose_role" {
-  source = "github.com/geekcell/terraform-aws-iam-role?ref=v1"
+  source  = "geekcell/iam-role/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name        = "${var.prefix}-datadog-firehose"
   description = "Role for Datadog Kinesis Firehose Metric Streams."
@@ -21,7 +22,8 @@ module "firehose_role" {
 }
 
 module "firehose_policy" {
-  source = "github.com/geekcell/terraform-aws-iam-policy?ref=v1"
+  source  = "geekcell/iam-policy/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name        = "${var.prefix}-datadog-firehose"
   description = "Policy for Datadog Kinesis Firehose Metric Streams."
@@ -63,7 +65,8 @@ module "firehose_policy" {
 # METRIC STREAM ROLE
 #
 module "metric_stream_role" {
-  source = "github.com/geekcell/terraform-aws-iam-role?ref=v1"
+  source  = "geekcell/iam-role/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name        = "${var.prefix}-datadog-metric-stream"
   description = "Role for Datadog Metric Stream."
@@ -78,7 +81,8 @@ module "metric_stream_role" {
 }
 
 module "metric_stream_policy" {
-  source = "github.com/geekcell/terraform-aws-iam-policy?ref=v1"
+  source  = "geekcell/iam-policy/aws"
+  version = ">= 1.0.0, < 2.0.0"
 
   name        = "${var.prefix}-datadog-metric-stream"
   description = "Policy for Datadog Metric Stream."