From 7f551c37dc4971d48efea66314039d3da4795a81 Mon Sep 17 00:00:00 2001
From: xnick123 <19893697+xnick123@users.noreply.github.com>
Date: Thu, 30 May 2024 18:26:58 +0200
Subject: [PATCH] add optional access logs target bucket Resolves #764 (#779)
---
 aws/logs_monitoring/template.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/aws/logs_monitoring/template.yaml b/aws/logs_monitoring/template.yaml
index 9a2eb0c3..3bd8f1c5 100644
--- a/aws/logs_monitoring/template.yaml
+++ b/aws/logs_monitoring/template.yaml
@@ -229,6 +229,10 @@ Parameters:
 Type: String
 Default: ""
 Description: The name of the forwarder bucket to create. If not provided, AWS will generate a unique name.
+ DdForwarderBucketsAccessLogsTarget:
+ Type: String
+ Default: ""
+ Description: (Optional) The name of the S3 bucket to store access logs. Leave empty if access logging is not needed.
 DdStoreFailedEvents:
 Type: String
 Default: false
@@ -433,6 +437,7 @@ Conditions:
 - Fn::Equals:
 - Ref: ReservedConcurrency
 - ""
+ ShouldUseAccessLogBucket: !Not [!Equals [!Ref DdForwarderBucketsAccessLogsTarget, ""]]
 SetForwarderBucket:
 Fn::Or:
 - Condition: CreateS3Bucket
@@ -886,6 +891,13 @@ Resources:
 BlockPublicPolicy: true
 IgnorePublicAcls: true
 RestrictPublicBuckets: true
+ LoggingConfiguration:
+ !If
+ - ShouldUseAccessLogBucket
+ -
+ DestinationBucketName: !Ref DdForwarderBucketsAccessLogsTarget
+ LogFilePrefix: "datadog-forwarder/"
+ - !Ref "AWS::NoValue"
 LifecycleConfiguration:
 Rules:
 - Id: delete-incomplete-mpu-7days
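Review bot: The description of `DdForwarderBucketsAccessLogsTarget` does not say what the target bucket has to satisfy, and the parameter accepts any string. S3 server access logging delivers only to a bucket that already exists in the same Region and account as the source bucket and whose policy lets the `logging.s3.amazonaws.com` service principal write objects, so a wrong value will typically surface as a failed stack operation or as silently missing logs. I would reword it along the lines of `Description: (Optional) Name of an existing S3 bucket, in the same Region and account, that allows the S3 logging service to write access logs. Leave empty to disable access logging.` and consider an `AllowedPattern` that accepts either the empty string or a syntactically valid bucket name.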
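Review bot: The new `ShouldUseAccessLogBucket` condition is written with short-form tags (`!Not [!Equals [...]]`), while the neighbouring conditions visible in this hunk use the long form (`Fn::Equals:`, `Fn::Or:`). Using one form throughout the `Conditions` section keeps it easier to scan and to diff; the long-form equivalent is `Fn::Not:` with a nested `- Fn::Equals:` list over `Ref: DdForwarderBucketsAccessLogsTarget` and `""`. Most of the section lies outside the hunk, so check which form dominates there before changing it.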
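Review bot: `LogFilePrefix` is the fixed string `"datadog-forwarder/"`, so every forwarder stack pointed at the same target bucket writes its access logs under one shared prefix, which makes per-stack retention rules and access policies on the log bucket harder to express. Including the stack name, for example `LogFilePrefix: !Sub "datadog-forwarder/${AWS::StackName}/"`, keeps them separate. Nothing in the visible lines prevents the target from being the forwarder bucket itself, in which case the bucket would log its own log deliveries; a sentence in the parameter description or a template `Rules` assertion would cover that. The bucket resource this property belongs to starts and ends outside the hunk.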