From 8e52a4db6ac14517deb7a48e9229916cf2fbe19b Mon Sep 17 00:00:00 2001
From: spenes
Date: Thu, 25 Apr 2024 17:41:23 +0300
Subject: [PATCH] Add pii stream option
---
 main.tf | 4 ++++
 templates/config.hocon.tmpl | 12 ++++++++++++
 variables.tf | 6 ++++++
 3 files changed, 22 insertions(+)
diff --git a/main.tf b/main.tf
index e8b25b2..837912e 100644
--- a/main.tf
+++ b/main.tf
@@ -153,6 +153,7 @@ EOF
 locals {
 incomplete_tmpl_for_iam = var.incomplete_stream_name == "" ? "" : "\"arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.incomplete_stream_name}\","
+ pii_tmpl_for_iam = var.pii_stream_name == "" ? "" : "\"arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.pii_stream_name}\","
 }
 resource "aws_iam_policy" "iam_policy" {
@@ -171,6 +172,7 @@ resource "aws_iam_policy" "iam_policy" {
 ],
 "Resource": [
 ${local.incomplete_tmpl_for_iam}
+ ${local.pii_tmpl_for_iam}
 "arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.in_stream_name}",
 "arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.enriched_stream_name}",
 "arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.bad_stream_name}"
@@ -192,6 +194,7 @@ resource "aws_iam_policy" "iam_policy" {
 ],
 "Resource": [
 ${local.incomplete_tmpl_for_iam}
+ ${local.pii_tmpl_for_iam}
 "arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.enriched_stream_name}",
 "arn:aws:kinesis:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:stream/${var.bad_stream_name}"
 ]
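Review bot: `pii_tmpl_for_iam` in the `@@ -153,6 +153,7 @@` hunk splices `var.pii_stream_name` straight into a hand-built JSON policy fragment, and nothing visible restricts what that string may contain. A value with a quote or a `*` in it would change the shape or the scope of the `Resource` list instead of failing the plan. The same value is interpolated into the quoted `streamName` in templates/config.hocon.tmpl. A `validation` block on the variable in variables.tf would cover both uses, with `condition = can(regex("^[a-zA-Z0-9_.-]{0,128}$", var.pii_stream_name))`, which still admits the empty default. The existing `incomplete_tmpl_for_iam` line has the same shape and would benefit from the same check.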
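Review bot: The PII stream ARN probably does not belong in the statement patched by the `@@ -171,6 +172,7 @@` hunk, whose `Resource` list also holds `var.in_stream_name`. The `Action` lists of both statements sit outside the hunks, so this is inferred, but if that statement carries the read actions the consumer needs, the role gains read access to a stream it only has to write PII events to. In that case keep `${local.pii_tmpl_for_iam}` only in the statement patched by the `@@ -192,6 +194,7 @@` hunk, which lists output streams only. If the first statement also holds describe or list actions the producer needs, those are better moved into a statement of their own.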
@@ -358,6 +361,7 @@ locals {
 enriched_stream_name = var.enriched_stream_name
 bad_stream_name = var.bad_stream_name
 incomplete_stream_name = var.incomplete_stream_name
+ pii_stream_name = var.pii_stream_name
 region = data.aws_region.current.name
 initial_position = var.initial_position
diff --git a/templates/config.hocon.tmpl b/templates/config.hocon.tmpl
index 5621038..67bfb95 100644
--- a/templates/config.hocon.tmpl
+++ b/templates/config.hocon.tmpl
@@ -42,6 +42,18 @@
 }
 }
 %{ endif}
+ %{ if pii_stream_name != ""}
+ "pii": {
+ "type": "Kinesis"
+ "streamName": "${pii_stream_name}"
+ "region": "${region}"
+ "maxBufferedTime": ${time_limit_ms} millis
+ "collection": {
+ "maxCount": ${record_limit}
+ "maxSize": ${byte_limit}
+ }
+ }
+ %{ endif}
 }
 "assetsUpdatePeriod": "${assets_update_period}"
diff --git a/variables.tf b/variables.tf
index 55c41bd..8a6c251 100644
--- a/variables.tf
+++ b/variables.tf
@@ -192,6 +192,12 @@ variable "incomplete_stream_name" {
 default = ""
 }
+variable "pii_stream_name" {
+ description = "The name of the pii kinesis stream that the Enricher will insert events with pii in it"
+ type = string
+ default = ""
+}
+
 variable "initial_position" {
 description = "Where to start processing the input Kinesis Stream from (TRIM_HORIZON or LATEST)"
 default = "TRIM_HORIZON"
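Review bot: The `description` of `pii_stream_name` in the variables.tf hunk does not say that the empty default turns the PII output off, nor that the stream has to exist already, since no hunk in this patch creates it. Suggested wording: `description = "The name of the Kinesis stream the Enricher writes PII events to (leave empty to disable the PII output)"`. Because this stream carries PII by design, the description or the README could also state that encryption at rest and the set of consumers are left to the caller, which is what the visible hunks imply.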