has anyone here used Terraform before to create a cloudwatch

Question

has anyone here used Terraform before to create a cloudwatch dashboard monitoring read write events in an s3 bucket

Jon Zeolla · Answer

I m working on that as a part of a larger project right now eyes What s your use case

Alex T. · Answer

What s exactly your requirement I can provide some thoughts from old scars sweat smile developing something similar AFAIR I d say Enable S3 server access logging on your bucket On CloudTrail for Data Events you ll need to monitor Put and Create API calls and set a trigger to Cloudwatch Logs Create custom metrics in Cloudwatch to track Read and Writes which is what you actually need If I understood correctly thinking face Create finally your CW Dashboard and include your custom metrics in it Technically you should track `PutRequests` and `GetRequests` what I ve suggested isn t the only way It will depends in your specific use case and constrains E g costs

Deepak Verma · Answer

Yes

Mark Hughes · Answer

It was really just a sample kind of task I had for an interview so not a proper use case so to speak just an ask that when a file gets uploaded or deleted in a bucket we could see it in a cloudwatch dashboard and I ve never really worked with cloudtrail much and found it trickier than most resources I ended up creating a trail pushing the events to a log group which the dashboard uses as a source I haven t got it working yet I can see the events in the log group but the dash has no data but I think what is missing is a query definition

Jon Zeolla · Answer

< Alex T > why server access logging instead of the cloudtrail s3 data events for reads Just wondering seems like it would have duplicative data for reads

Jon Zeolla · Answer

I was thinking CloudTrail data access logs with an <https docs aws amazon com awscloudtrail latest userguide logging data events with cloudtrail html creating data adv event selectors CLI s3|event selector> would be the best bet to get the narrow focus But mostly because I like the CloudTrail log format context better than what access logs give you and my use case would be security I think the S3 storage would be cheaper for access logs if you didn t need the additional details

Alex T. · Answer

Hey < Jon Zeolla> for nothing in particular I d say it depends on its use case and other related requirements such as costs security compliance etc Looks like for what he requiere access logs will suffice gt but I think what is missing is a query definition Or perhaps a custom metric that measure what you re trying to query show in your dashboard

Jon Zeolla · Answer

< Mark Hughes> yeah usually next I would use a metric filter pattern

Mark Hughes · Answer

Amazing thanks for your help guys