first pass of SLs for CLF. No openshift documentation exists yet.

Author: Mhodesty

hcp/logForwarding/cloudwatch_kms_permission_denied.json

@@ -0,0 +1,16 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to CloudWatch is failing due to insufficient permissions on the KMS key used to encrypt your CloudWatch Log Group. The Red Hat log forwarding service is unable to write encrypted log events to your CloudWatch Log Group. Please ensure that your KMS key policy allows the Red Hat log distribution role to use the key for encryption operations (kms:Decrypt, kms:GenerateDataKey).",
+  "doc_references": [
+    "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html",
+    "https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_CloudWatchDeliveryFailures"
+  ]
+}
+

hcp/logForwarding/cloudwatch_log_group_not_found.json

@@ -0,0 +1,15 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to CloudWatch is failing because the configured destination CloudWatch Log Group cannot be found. The log group may have been deleted or the log group name in the log forwarding configuration may be incorrect. Please verify that the destination CloudWatch Log Group exists in your AWS account. If the log group was deleted, please recreate it and ensure the log group resource policy allows the Red Hat log distribution role to perform CreateLogStream and PutLogEvents operations.",
+  "doc_references": [
+    "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogsCrossAccountPolicy.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_CloudWatchDeliveryFailures"
+  ]
+}
+

hcp/logForwarding/cloudwatch_log_group_permission_denied.json

@@ -0,0 +1,15 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to CloudWatch is failing due to insufficient permissions on your CloudWatch Log Group. The Red Hat log forwarding service is unable to deliver logs to your CloudWatch Log Group. Please ensure that your CloudWatch Log Group resource policy allows the Red Hat log distribution role to perform CreateLogStream and PutLogEvents operations. For cross-account log delivery, a resource policy must be configured on your CloudWatch Log Group.",
+  "doc_references": [
+    "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogsCrossAccountPolicy.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_CloudWatchDeliveryFailures"
+  ]
+}
+

hcp/logForwarding/s3_bucket_not_found.json

@@ -0,0 +1,15 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to S3 is failing because the configured destination S3 bucket cannot be found. The bucket may have been deleted or the bucket name in the log forwarding configuration may be incorrect. Please verify that the destination S3 bucket exists and is accessible. If the bucket was deleted, please recreate it and ensure the bucket policy allows the Red Hat log distribution role to perform PutObject and PutObjectAcl operations.",
+  "doc_references": [
+    "https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-policies.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_S3PermissionIssues"
+  ]
+}
+

hcp/logForwarding/s3_bucket_permission_denied.json

@@ -0,0 +1,15 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to S3 is failing due to insufficient permissions on your S3 bucket. The Red Hat log forwarding service is unable to deliver logs to your S3 bucket. Please ensure that your S3 bucket policy allows the Red Hat log distribution role to perform PutObject and PutObjectAcl operations. Your bucket policy must include a statement that grants access to the Red Hat management role ARN.",
+  "doc_references": [
+    "https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-policies.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_S3PermissionIssues"
+  ]
+}
+

hcp/logForwarding/s3_kms_permission_denied.json

@@ -0,0 +1,15 @@
+{
+  "severity": "Major",
+  "service_name": "SREManualAction",
+  "log_type": "cluster-configuration",
+  "summary": "Log forwarding failed, action required",
+  "description": "Your cluster's log forwarding to S3 is failing due to insufficient permissions on the KMS key used to encrypt your S3 bucket. The Red Hat log forwarding service is unable to write encrypted objects to your S3 bucket. Please ensure that your KMS key policy allows the Red Hat log distribution role to use the key for encryption operations (kms:Decrypt, kms:GenerateDataKey).",
+  "doc_references": [
+    "https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html"
+  ],
+  "internal_only": false,
+  "_tags": [
+    "sop_LogForwarding_S3PermissionIssues"
+  ]
+}
+