I am subscribing cloudwatch logs from 2 environments(dev and prd) to the same firehose (dev). Dev logs get subscribed to dev firehose, prd logs get subscribed to Destination resource in dev which then stream logs to the same firehose. The boto calls to do it are almost identical.
This is the code to subscribe to firehose:
boto_client.put_subscription_filter(
destinationArn=DESTINATION_ARN,
filterName=" ",
filterPattern=PATTERN,
logGroupName=LOG_GROUP_NAME,
roleArn=IAM_ROLE
)
And this is the code to subscribe to the Destination:
boto_client.put_subscription_filter(
destinationArn=DESTINATION_ARN,
filterName=" ",
filterPattern=PATTERN,
logGroupName=LOG_GROUP_NAME
)
The only difference is roleArn parameter. It cannot be passed to the destination and has to be passed to the firehose. So my question is how to build the call so that if the environment is dev - I would append the roleArn. Or vice versa. If it's prd - I would remove the roleArn parameter. This way I would not have to create 2 pretty much identical functions.
PS. I tried to pass the None, Empty String and dummy value for roleArn - but it didn't work.
Aucun commentaire:
Enregistrer un commentaire