LogStruct LogoLogStructby DocSpring

Terraform Provider

The LogStruct Terraform provider offers type-safe helpers for building CloudWatch filter patterns from your structured logs, and validates struct/event combinations at plan time.

Installation

Use the AWS module wrappers for common patterns. They resolve the provider internally and compile patterns safely.

CloudWatch Metric Filter Example

Module-first: create an AWS metric filter for a known LogStruct source/event combo. Invalid combinations fail at plan time.

Module: Metric Filter
module "email_delivered_metric" {
  source  = "DocSpring/logstruct/aws//modules/metric-filter"
  version = ">= 0.1.0"

  name           = "Email Delivered Count"
  log_group_name = var.log_group_name
  log_source     = "mailer"
  log_event      = "delivered"
  namespace      = var.namespace
}
Variables
variable "log_group_name" { type = string }
variable "namespace" { type = string }

Validation and Safety

  • Structs and events are validated at plan time using the embedded LogStruct catalog exported from this repository.
  • If allowed events or keys change in a newer LogStruct release, your Terraform plan will fail fast with clear diagnostics.

Versioning

  • Provider versions mirror LogStruct tags (for example, v0.2.0).
  • Use a compatible constraint like ~> 0.2 to receive non-breaking updates.

Recipes

A few helpful patterns you can copy and adapt:

Count Email Deliveries
module "email_delivered_metric" {
  source  = "DocSpring/logstruct/aws//modules/metric-filter"
  version = ">= 0.1.0"

  name           = "Email Delivered Count"
  log_group_name = var.log_group_name
  log_source     = "mailer"
  log_event      = "delivered"
  namespace      = var.namespace
}
Count Successful GoodJob Runs
module "goodjob_finish_count" {
  source  = "DocSpring/logstruct/aws//modules/metric-filter"
  version = ">= 0.1.0"

  name           = "GoodJob Finish Count"
  log_group_name = var.log_group_name
  log_source     = "job"
  log_event      = "finish"
  namespace      = var.namespace
}
Count All SQL Queries
module "sql_query_count" {
  source  = "DocSpring/logstruct/aws//modules/metric-filter"
  version = ">= 0.1.0"

  name           = "SQL Query Count"
  log_group_name = var.log_group_name
  log_source     = "app"
  log_event      = "database"
  namespace      = var.namespace
}
Provider Reference: Compile Pattern
data "logstruct_source" "mailer" {
  name = "mailer"
}

data "logstruct_pattern" "email_delivered" {
  source = data.logstruct_source.mailer.canonical
  event  = "delivered"
}

For delivery failures, use metric math to compare attempts vs. delivered counts. CloudWatch filter patterns do not support numeric comparisons, so slow-query thresholds are usually handled downstream (for example, count + percentiles in metrics/dashboards). See the provider README for more examples and details.

Edit this page on GitHub