Removed AWS XRay Source and AWS Inventory Source #238

Merged
merged 6 commits into from
Mar 13, 2025
8 changes: 0 additions & 8 deletions aws-observability-terraform/source-module/README.md
Expand Up @@ -30,7 +30,6 @@
| <a name="module_elb_module"></a> [elb\_module](#module\_elb\_module) | SumoLogic/sumo-logic-integrations/sumologic//aws/elb | n/a |
| <a name="module_kinesis_firehose_for_logs_module"></a> [kinesis\_firehose\_for\_logs\_module](#module\_kinesis\_firehose\_for\_logs\_module) | git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseforlogs | awso-v2.11 |
| <a name="module_kinesis_firehose_for_metrics_source_module"></a> [kinesis\_firehose\_for\_metrics\_source\_module](#module\_kinesis\_firehose\_for\_metrics\_source\_module) | git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseformetrics | awso-v2.11 |
| <a name="module_root_cause_sources_module"></a> [root\_cause\_sources\_module](#module\_root\_cause\_sources\_module) | SumoLogic/sumo-logic-integrations/sumologic//aws/rootcause | n/a |

## Resources

Expand All @@ -40,13 +39,11 @@
| [aws_iam_policy.cloudtrail_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_policy.cw_metrics_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_policy.elb_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_policy.root_cause_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_role.sumologic_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.classic_lb_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.cloudtrail_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.cw_metrics_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.elb_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.root_cause_policy_attach](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_s3_bucket.s3_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_notification.bucket_notification](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_notification) | resource |
| [aws_s3_bucket_policy.dump_access_logs_to_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
Expand Down Expand Up @@ -87,17 +84,14 @@
| <a name="input_collect_cloudwatch_logs"></a> [collect\_cloudwatch\_logs](#input\_collect\_cloudwatch\_logs) | Select the kind of Sumo Logic CloudWatch Logs Sources to create<br/> You have the following options:<br/> "Lambda Log Forwarder" - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function.<br/> "Kinesis Firehose Log Source" - Creates a Sumo Logic Kinesis Firehose Log Source to collect CloudWatch logs.<br/> "None" - Skips installation of both sources. | `string` | `"Kinesis Firehose Log Source"` | no |
| <a name="input_collect_cloudwatch_metrics"></a> [collect\_cloudwatch\_metrics](#input\_collect\_cloudwatch\_metrics) | Select the kind of CloudWatch Metrics Source to create<br/> You have the following options:<br/> "CloudWatch Metrics Source" - Creates Sumo Logic AWS CloudWatch Metrics Sources.<br/> "Kinesis Firehose Metrics Source" (Recommended) - Creates a Sumo Logic AWS Kinesis Firehose for Metrics Source. Note: This new source has cost and performance benefits over the CloudWatch Metrics Source and is therefore recommended.<br/> "None" - Skips the Installation of both the Sumo Logic Metric Sources | `string` | `"Kinesis Firehose Metrics Source"` | no |
| <a name="input_collect_elb_logs"></a> [collect\_elb\_logs](#input\_collect\_elb\_logs) | Create a Sumo Logic ALB Logs Source.<br/> You have the following options:<br/> true - to ingest load balancer logs into Sumo Logic. Creates a Sumo Logic Log Source that collects application load balancer logs from an existing bucket or a new bucket.<br/> If true, please configure \"elb\_source\_details\" with configuration information including the bucket name and path expression to ingest load balancer logs.<br/> false - you are already ingesting load balancer logs into Sumo Logic. | `bool` | `true` | no |
| <a name="input_collect_root_cause_data"></a> [collect\_root\_cause\_data](#input\_collect\_root\_cause\_data) | Select the Sumo Logic Root Cause Explorer Source.<br/> You have the following options:<br/> Inventory Source - Creates a Sumo Logic Inventory Source used by Root Cause Explorer.<br/> Xray Source - Creates a Sumo Logic AWS X-Ray Source that collects X-Ray Trace Metrics from your AWS account.<br/> Both - Install both Inventory and Xray sources.<br/> None - Skips installation of both sources. | `string` | `"Both"` | no |
| <a name="input_elb_log_source_url"></a> [elb\_log\_source\_url](#input\_elb\_log\_source\_url) | Required if you are already collecting ALB logs. Provide the existing Sumo Logic ALB Source API URL. The account, accountid, and region fields will be added to the Source. For information on how to determine the URL, see [View or Download Source JSON Configuration](https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration). | `string` | `""` | no |
| <a name="input_elb_source_details"></a> [elb\_source\_details](#input\_elb\_source\_details) | Provide details for the Sumo Logic ALB source. If not provided, then defaults will be used.<br/> To enable collection of application load balancer logs, set collect\_elb\_logs to true and provide configuration information for the bucket.<br/> If create\_bucket is false, provide a name of an existing S3 bucket where you would like to store loadbalancer logs. If this is empty, a new bucket will be created in the region.<br/> If create\_bucket is true, the script creates a bucket, the name of the bucket has to be unique; this is achieved internally by generating a random-id and then post-fixing it to the “aws-observability-” string.<br/> path\_expression - This is required in case the above existing bucket is already configured to receive ALB access logs. If this is blank, Sumo Logic will store logs in the path expression: *elasticloadbalancing/AWSLogs/*/elasticloadbalancing/*/* | <pre>object({<br/> source_name = string<br/> source_category = string<br/> description = string<br/> bucket_details = object({<br/> create_bucket = bool<br/> bucket_name = string<br/> path_expression = string<br/> force_destroy_bucket = bool<br/> })<br/> fields = map(string)<br/> })</pre> | <pre>{<br/> "bucket_details": {<br/> "bucket_name": "aws-observability-random-id",<br/> "create_bucket": true,<br/> "force_destroy_bucket": true,<br/> "path_expression": "*elasticloadbalancing/AWSLogs/<ACCOUNT-ID>/elasticloadbalancing/<REGION-NAME>/*"<br/> },<br/> "description": "This source is created using Sumo Logic terraform AWS Observability module to collect AWS Application LoadBalancer logs.",<br/> "fields": {},<br/> "source_category": "aws/observability/alb/logs",<br/> "source_name": "Elb Logs (Region)"<br/>}</pre> | no |
| <a name="input_environment"></a> [environment](#input\_environment) | Enter au, ca, de, eu, fed, jp, kr, us1 or us2. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes |
| <a name="input_existing_iam_details"></a> [existing\_iam\_details](#input\_existing\_iam\_details) | Provide an existing AWS IAM role arn value which provides access to AWS S3 Buckets, AWS CloudWatch Metrics API and Sumo Logic Inventory data.<br/> If kept empty, a new IAM role will be created with the required permissions.<br/> For more details on permissions, check the iam policy tmpl files at /source-module/templates folder. | <pre>object({<br/> create_iam_role = bool<br/> iam_role_arn = string<br/> })</pre> | <pre>{<br/> "create_iam_role": true,<br/> "iam_role_arn": ""<br/>}</pre> | no |
| <a name="input_inventory_source_details"></a> [inventory\_source\_details](#input\_inventory\_source\_details) | Provide details for the Sumo Logic AWS Inventory source. If not provided, then defaults will be used. | <pre>object({<br/> source_name = string<br/> source_category = string<br/> description = string<br/> limit_to_namespaces = list(string)<br/> fields = map(string)<br/> })</pre> | <pre>{<br/> "description": "This source is created using Sumo Logic terraform AWS Observability module to collect AWS inventory metadata.",<br/> "fields": {},<br/> "limit_to_namespaces": [<br/> "AWS/ApplicationELB",<br/> "AWS/ApiGateway",<br/> "AWS/DynamoDB",<br/> "AWS/Lambda",<br/> "AWS/RDS",<br/> "AWS/ECS",<br/> "AWS/ElastiCache",<br/> "AWS/ELB",<br/> "AWS/NetworkELB",<br/> "AWS/SQS",<br/> "AWS/SNS",<br/> "AWS/AutoScaling",<br/> "AWS/EC2"<br/> ],<br/> "source_category": "aws/observability/inventory",<br/> "source_name": "AWS Inventory (Region)"<br/>}</pre> | no |
| <a name="input_sumologic_collector_details"></a> [sumologic\_collector\_details](#input\_sumologic\_collector\_details) | Provide details for the Sumo Logic collector. If not provided, then defaults will be used.<br/> The Collector will be created if any new source will be created and \"sumologic\_existing\_collector\_id\" is empty. | <pre>object({<br/> collector_name = string<br/> description = string<br/> fields = map(string)<br/> })</pre> | <pre>{<br/> "collector_name": "AWS Observability (AWS Account Alias) (Account ID)",<br/> "description": "This collector is created using Sumo Logic terraform AWS Observability module.",<br/> "fields": {}<br/>}</pre> | no |
| <a name="input_sumologic_existing_collector_details"></a> [sumologic\_existing\_collector\_details](#input\_sumologic\_existing\_collector\_details) | Provide an existing Sumo Logic Collector ID. For more details, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration<br/> If provided, all the provided sources will be created within the collector.<br/> If kept empty, a new Collector will be created and all provided sources will be created within that collector. | <pre>object({<br/> create_collector = bool<br/> collector_id = string<br/> })</pre> | <pre>{<br/> "collector_id": "",<br/> "create_collector": true<br/>}</pre> | no |
| <a name="input_sumologic_organization_id"></a> [sumologic\_organization\_id](#input\_sumologic\_organization\_id) | You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."<br/> For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page | `string` | n/a | yes |
| <a name="input_wait_for_seconds"></a> [wait\_for\_seconds](#input\_wait\_for\_seconds) | wait\_for\_seconds is used to delay sumo logic source creation. The value is in seconds. This helps persisting the IAM role in the AWS system.<br/> Default value is 180 seconds.<br/> If the AWS IAM role is created outside the module, the value can be decreased to 1 second. | `number` | `180` | no |
| <a name="input_xray_source_details"></a> [xray\_source\_details](#input\_xray\_source\_details) | Provide details for the Sumo Logic AWS XRAY source. If not provided, then defaults will be used. | <pre>object({<br/> source_name = string<br/> source_category = string<br/> description = string<br/> fields = map(string)<br/> })</pre> | <pre>{<br/> "description": "This source is created using Sumo Logic terraform AWS Observability module to collect AWS Xray metrics.",<br/> "fields": {},<br/> "source_category": "aws/observability/xray",<br/> "source_name": "AWS Xray (Region)"<br/>}</pre> | no |

## Outputs

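Review bot: The `existing_iam_details` row kept in this hunk still describes the role as one that "provides access to AWS S3 Buckets, AWS CloudWatch Metrics API and Sumo Logic Inventory data", which is stale once the Inventory source is removed; drop the Inventory clause from the variable description and regenerate the README. Removing `collect_root_cause_data`, `inventory_source_details` and `xray_source_details` also makes any module call that still passes them fail with an unsupported-argument error, so the release notes should tell callers to delete those arguments.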
Expand Down Expand Up @@ -126,9 +120,7 @@
| <a name="output_elb_sns_subscription"></a> [elb\_sns\_subscription](#output\_elb\_sns\_subscription) | AWS SNS subscription to Sumo Logic AWS ELB source. |
| <a name="output_elb_sns_topic"></a> [elb\_sns\_topic](#output\_elb\_sns\_topic) | SNS topic created to be attached to an existing elb logs bucket. |
| <a name="output_elb_source"></a> [elb\_source](#output\_elb\_source) | Sumo Logic AWS ELB source. |
| <a name="output_inventory_source"></a> [inventory\_source](#output\_inventory\_source) | Sumo Logic AWS Inventory source. |
| <a name="output_kinesis_firehose_for_logs_auto_subscribe_stack"></a> [kinesis\_firehose\_for\_logs\_auto\_subscribe\_stack](#output\_kinesis\_firehose\_for\_logs\_auto\_subscribe\_stack) | AWS CloudFormation stack for Auto Enable logs subscription. |
| <a name="output_kinesis_firehose_for_logs_source"></a> [kinesis\_firehose\_for\_logs\_source](#output\_kinesis\_firehose\_for\_logs\_source) | Sumo Logic Kinesis Firehose for Logs source. |
| <a name="output_kinesis_firehose_for_metrics_source"></a> [kinesis\_firehose\_for\_metrics\_source](#output\_kinesis\_firehose\_for\_metrics\_source) | Sumo Logic AWS Kinesis Firehose for Metrics source. |
| <a name="output_sumologic_collector"></a> [sumologic\_collector](#output\_sumologic\_collector) | Sumo Logic collector details. |
| <a name="output_xray_source"></a> [xray\_source](#output\_xray\_source) | Sumo Logic AWS Xray source. |
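
Review bot: The `inventory_source` and `xray_source` rows are dropped from the Outputs table here, but no `outputs.tf` change is visible on this page. Because `module "root_cause_sources_module"` is deleted in `main.tf`, any output that still references it will fail validation, so confirm both outputs are removed in the same change set and that the README was regenerated from the resulting code.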
11 changes: 2 additions & 9 deletions aws-observability-terraform/source-module/local.tf
Expand Up @@ -47,13 +47,6 @@ locals {
cloudwatch_logs_source_name = var.cloudwatch_logs_source_details.source_name == "CloudWatch Logs (Region)" ? "CloudWatch Logs ${local.aws_region}" : var.cloudwatch_logs_source_details.source_name
cloudwatch_logs_fields = merge(var.cloudwatch_logs_source_details.fields, { account = var.aws_account_alias, region = local.aws_region, accountid = local.aws_account_id })

# Root Cause sources updated details
create_inventory_source = var.collect_root_cause_data == "Inventory Source" || var.collect_root_cause_data == "Both"
create_xray_source = var.collect_root_cause_data == "Xray Source" || var.collect_root_cause_data == "Both"
create_root_cause_source = local.create_inventory_source || local.create_xray_source
inventory_source_name = var.inventory_source_details.source_name == "AWS Inventory (Region)" ? "AWS Inventory ${local.aws_region}" : var.inventory_source_details.source_name
xray_source_name = var.xray_source_details.source_name == "AWS Xray (Region)" ? "AWS Xray ${local.aws_region}" : var.xray_source_details.source_name

# Common Bucket details
create_cloudtrail_bucket = local.create_cloudtrail_source && var.cloudtrail_source_details.bucket_details.create_bucket
create_elb_bucket = local.create_elb_source && var.elb_source_details.bucket_details.create_bucket
Expand All @@ -67,10 +60,10 @@ locals {
create_common_sns_topic = local.create_common_bucket && (local.create_elb_source || local.create_classic_lb_source || local.create_cloudtrail_source)

# Create an IAM role that provides trust relationship with AWS account
create_iam_role = var.existing_iam_details.create_iam_role && (local.create_elb_source || local.create_classic_lb_source ||local.create_cloudtrail_source || local.create_kf_metrics_source || local.create_cw_metrics_source || local.create_root_cause_source)
create_iam_role = var.existing_iam_details.create_iam_role && (local.create_elb_source || local.create_classic_lb_source ||local.create_cloudtrail_source || local.create_kf_metrics_source || local.create_cw_metrics_source)

# Create any Sumo Logic source. Keep on adding to this if any new source is added.
create_any_source = local.create_cloudtrail_source || local.create_elb_source || local.create_metric_source || local.create_cw_logs_source || local.create_root_cause_source || local.create_classic_lb_source
create_any_source = local.create_cloudtrail_source || local.create_elb_source || local.create_metric_source || local.create_cw_logs_source || local.create_classic_lb_source


# Create a new Sumo Logic hosted collector
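
Review bot: In the new `create_iam_role` and `create_any_source` expressions, dropping `local.create_root_cause_source` means a deployment whose only enabled sources were Inventory or X-Ray now evaluates both locals to false, so the next apply will plan to destroy the IAM role and anything else gated on `create_any_source`. Call this out in the upgrade notes. Minor style point on the same line: `||local.create_cloudtrail_source` is carried over without a space after the operator.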
44 changes: 0 additions & 44 deletions aws-observability-terraform/source-module/main.tf
Expand Up @@ -304,47 +304,3 @@ module "kinesis_firehose_for_logs_module" {
tags_filter = var.auto_enable_logs_subscription_options.tags_filter
}
}

module "root_cause_sources_module" {
depends_on = [time_sleep.wait_for_minutes]
for_each = toset(local.create_root_cause_source ? ["root_cause_sources_module"] : [])
source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/rootcause?ref=SUMO-254952"
# source = "SumoLogic/sumo-logic-integrations/sumologic//aws/rootcause"
# version = "1.0.19"

create_collector = false
sumologic_organization_id = var.sumologic_organization_id

wait_for_seconds = 1
iam_details = {
create_iam_role = false
iam_role_arn = local.create_iam_role ? aws_iam_role.sumologic_iam_role["sumologic_iam_role"].arn : var.existing_iam_details.iam_role_arn
}

create_inventory_source = local.create_inventory_source
inventory_source_details = {
source_name = local.inventory_source_name
source_category = var.inventory_source_details.source_category
collector_id = local.create_collector ? sumologic_collector.collector["collector"].id : var.sumologic_existing_collector_details.collector_id
description = var.inventory_source_details.description
limit_to_namespaces = var.inventory_source_details.limit_to_namespaces
limit_to_regions = [local.aws_region]
paused = false
scan_interval = 300000
sumo_account_id = local.sumo_account_id
fields = var.inventory_source_details.fields
}

create_xray_source = local.create_xray_source
xray_source_details = {
source_name = local.xray_source_name
source_category = var.xray_source_details.source_category
collector_id = local.create_collector ? sumologic_collector.collector["collector"].id : var.sumologic_existing_collector_details.collector_id
description = var.xray_source_details.description
limit_to_regions = [local.aws_region]
paused = false
scan_interval = 300000
sumo_account_id = local.sumo_account_id
fields = var.xray_source_details.fields
}
}
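
Review bot: Deleting the entire `module "root_cause_sources_module"` block leaves no upgrade path documented in this hunk: for existing state, Terraform will plan to destroy the Inventory and X-Ray sources on the next apply and collection from them stops. Add a changelog or README upgrade note stating that these sources are removed on upgrade, so operators reviewing the plan know the destroys are intended.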
14 changes: 0 additions & 14 deletions aws-observability-terraform/source-module/main_iam_role.tf
Expand Up @@ -83,18 +83,4 @@ resource "aws_iam_role_policy_attachment" "cw_metrics_policy_attach" {

policy_arn = aws_iam_policy.cw_metrics_policy["cw_metrics_policy"].arn
role = aws_iam_role.sumologic_iam_role["sumologic_iam_role"].name
}

# Sumo Logic Root Cause Source Policy Attachment
resource "aws_iam_policy" "root_cause_policy" {
for_each = toset(local.create_root_cause_source && local.create_iam_role ? ["root_cause_policy"] : [])

policy = templatefile("${path.module}/templates/iam_rootcause_source_policy.tmpl", {})
}

resource "aws_iam_role_policy_attachment" "root_cause_policy_attach" {
for_each = toset(local.create_root_cause_source && local.create_iam_role ? ["root_cause_policy_attach"] : [])

policy_arn = aws_iam_policy.root_cause_policy["root_cause_policy"].arn
role = aws_iam_role.sumologic_iam_role["sumologic_iam_role"].name
}
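
Review bot: The removed `aws_iam_policy.root_cause_policy` loaded `templates/iam_rootcause_source_policy.tmpl`, and no deletion of that template is visible on this page; if nothing else uses it, remove the file too so an unused permission set does not linger in the module. For roles supplied through `existing_iam_details.iam_role_arn` this change revokes nothing, so the upgrade notes should tell operators to detach the root cause permissions from their own role to keep it least-privilege.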