has anyone here used Terraform before to create a ...
# terraform
has anyone here used Terraform before to create a cloudwatch dashboard monitoring read/write events in an s3 bucket?
I’m working on that as a part of a larger project right now 👀 What’s your use case?
What’s exactly your requirement? I can provide some thoughts from old “scars” 😅 developing something similar. AFAIR — I’d say: • Enable S3 server access logging on your bucket • On CloudTrail, for Data Events, you’ll need to monitor Put and Create API calls and set a trigger to Cloudwatch Logs • Create custom metrics in Cloudwatch to track Read and Writes (which is what you actually need, If I understood correctly 🤔 ) • Create finally your CW Dashboard and include your custom metrics in it. Technically, you should track
— what I’ve suggested isn’t the only way. It will depends in your specific use-case and constrains (E.g.: costs).
It was really just a sample kind of task I had for an interview, so not a proper use case so to speak, just an ask that when a file gets uploaded or deleted in a bucket, we could see it in a cloudwatch dashboard. and I’ve never really worked with cloudtrail much and found it trickier than most resources, I ended up creating a trail pushing the events to a log group which the dashboard uses as a source. I haven’t got it working yet, I can see the events in the log group but the dash has no data, but I think what is missing is a query definition
@Alex T. why server access logging instead of the cloudtrail s3 data events for reads? Just wondering; seems like it would have duplicative data for reads
I was thinking CloudTrail data access logs with an event selector would be the best bet to get the narrow focus. But mostly because I like the CloudTrail log format / context better than what access logs give you, and my use case would be security. I think the S3 storage would be cheaper for access logs if you didn't need the additional details
Hey @Jon Zeolla, for nothing in particular. I’d say it depends on its use case, and other related requirements (such as costs, security/compliance, etc). Looks like for what he requiere, access logs will suffice.
but I think what is missing is a query definition
Or, perhaps a custom metric that measure what you’re trying to query/show in your dashboard.
@Mark Hughes yeah, usually next I would use a metric filter pattern https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
Amazing, thanks for your help guys