From 30afce5291b22e561c8e3a87d080728691d0222a Mon Sep 17 00:00:00 2001
From: Jan David <jdno@jdno.dev>
Date: Tue, 16 Jan 2024 17:29:13 +0100
Subject: [PATCH] Send S3 notifications in staging environment

The S3 bucket with the CDN logs for crates.io now sends S3 notifications
to an SQS queue. This enables crates.io to start counting downloads in
the background and not as part of the request-response cycle.
---
 .../crates-io-staging/crates-io/terragrunt.hcl |  2 ++
 terragrunt/modules/crates-io/_terraform.tf     |  6 ++++++
 terragrunt/modules/crates-io/s3-logs.tf        | 18 ++++++++++++++++++
 3 files changed, 26 insertions(+)

diff --git a/terragrunt/accounts/legacy/crates-io-staging/crates-io/terragrunt.hcl b/terragrunt/accounts/legacy/crates-io-staging/crates-io/terragrunt.hcl
index c29f76d31..28d9ac604 100644
--- a/terragrunt/accounts/legacy/crates-io-staging/crates-io/terragrunt.hcl
+++ b/terragrunt/accounts/legacy/crates-io-staging/crates-io/terragrunt.hcl
@@ -27,4 +27,6 @@ inputs = {
   static_fastly_weight = 100
 
   fastly_customer_id_ssm_parameter = "/staging/crates-io/fastly/customer-id"
+
+  cdn_log_event_queue_arn = "arn:aws:sqs:us-west-1:359172468976:cdn-log-event-queue"
 }
diff --git a/terragrunt/modules/crates-io/_terraform.tf b/terragrunt/modules/crates-io/_terraform.tf
index 5039979fb..5c8345f40 100644
--- a/terragrunt/modules/crates-io/_terraform.tf
+++ b/terragrunt/modules/crates-io/_terraform.tf
@@ -102,3 +102,9 @@ variable "fastly_aws_account_id" {
   description = "The AWS account ID that Fastly uses to write logs"
   default     = "717331877981"
 }
+
+variable "cdn_log_event_queue_arn" {
+  # See the `crates-io-logs` module
+  description = "ARN of the SQS queue that receives S3 notifications for CDN logs"
+  type        = string
+}
diff --git a/terragrunt/modules/crates-io/s3-logs.tf b/terragrunt/modules/crates-io/s3-logs.tf
index 0a7931d71..dc5260a31 100644
--- a/terragrunt/modules/crates-io/s3-logs.tf
+++ b/terragrunt/modules/crates-io/s3-logs.tf
@@ -25,3 +25,21 @@ resource "aws_s3_bucket_public_access_block" "logs" {
   ignore_public_acls      = true
   restrict_public_buckets = true
 }
+
+resource "aws_s3_bucket_notification" "cdn_log_event_queue" {
+  bucket = aws_s3_bucket.logs.id
+
+  queue {
+    id            = "cloudfront"
+    events        = ["s3:ObjectCreated:*"]
+    queue_arn     = var.cdn_log_event_queue_arn
+    filter_prefix = "cloudfront/"
+  }
+
+  queue {
+    id            = "fastly"
+    events        = ["s3:ObjectCreated:*"]
+    queue_arn     = var.cdn_log_event_queue_arn
+    filter_prefix = "fastly-requests/"
+  }
+}