protected function execute(InputInterface $input, OutputInterface $output)
{
// TODO: refactor this to use \AwsInspector\Model\CloudWatchLogs\Repository
$groupPattern = $input->getArgument('group');
$destinationArn = $input->getArgument('destinationArn');
$filterName = $input->getArgument('filterName');
/* @var $cloudwatchLogsClient \Aws\CloudWatchLogs\CloudWatchLogsClient */
$cloudwatchLogsClient = \AwsInspector\SdkFactory::getClient('cloudwatchlogs');
$lambdaClient = \AwsInspector\SdkFactory::getClient('lambda');
$nextToken = null;
$logsWithLimitExceededException = [];
do {
$params = ['limit' => 50];
if ($nextToken) {
$params['nextToken'] = $nextToken;
}
$result = $cloudwatchLogsClient->describeLogGroups($params);
foreach ($result->get('logGroups') as $logGroup) {
$name = $logGroup['logGroupName'];
if (preg_match('/' . $groupPattern . '/', $name)) {
try {
$lambdaClient->addPermission(['Action' => 'lambda:*', 'FunctionName' => $destinationArn, 'Principal' => 'logs.eu-west-1.amazonaws.com', 'StatementId' => (string) md5($logGroup['logGroupName']), 'SourceArn' => $logGroup['arn']]);
$cloudwatchLogsClient->putSubscriptionFilter(['destinationArn' => $destinationArn, 'filterName' => $filterName, 'filterPattern' => '', 'logGroupName' => $logGroup['logGroupName']]);
} catch (\Aws\CloudWatchLogs\Exception\CloudWatchLogsException $e) {
if ($e->getAwsErrorCode() == 'LimitExceededException') {
$logsWithLimitExceededException[] = $logGroup;
}
}
$output->writeln('Add lambda trigger for ' . $logGroup['logGroupName']);
}
}
$nextToken = $result->get("nextToken");
} while ($nextToken);
if (!empty($logsWithLimitExceededException)) {
$output->writeln('The following log groups has already a different subscription:');
foreach ($logsWithLimitExceededException as $logGroup) {
$output->writeln("\t" . $logGroup['logGroupName']);
}
}
}