为 kinesis firehose cloudformation 启用 cloudwatch 日志
[英]Enable cloudwatch logs for kinesis firehose cloudformation
问题描述
I am trying to catch Cloudwatch logs for my firehose to find any errors when sending data to S3 destination.
我正在尝试为我的 Firehose 捕获 Cloudwatch 日志,以在将数据发送到S3目的地时发现任何错误。 I created a cloudformation template with logging details我创建了一个带有日志详细信息的 cloudformation 模板
"CloudWatchLoggingOptions" : {
"Enabled" : "true",
"LogGroupName": "/aws/firehose/firehose-dev", -->firehose-dev is my firehosedeliverystream name
"LogStreamName" : "s3logs"
},
I have given necesary IAM permission to firehose for creating loggroupname and streamname .我已授予loggroupname必要的 IAM 权限以创建loggroupname和streamname 。
{
"Sid": "",
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
}
When i triggered the template i didnt find any of the loggroupname and streamname is created in cloudwatch logs.当我触发模板时,我没有在 cloudwatch 日志中找到任何日志组名和流名。
But when we give same IAM permissions to AWS::Lambda resource it will automatically create a loggroupname(ie /aws/lambda/mylambdaname ) and send the logs to the that group.但是,当我们向AWS::Lambda资源授予相同的 IAM 权限时,它会自动创建一个日志组名称(即/aws/lambda/mylambdaname )并将日志发送到该组。 But why this scenario is not working for firehose ?但是为什么这种情况不适用于 firehose ?
As a Workaround作为解决方法
I am manually creating AWS::Logs::LogGroup resource with name as /aws/firehose/firehose-dev and AWS::Logs::LogStream resource with name as s3logs .我手动创建AWS::Logs::LogGroup资源与名称/aws/firehose/firehose-dev和AWS::Logs::LogStream与名称作为资源s3logs 。
And also firehose will create a loggroup name and logstream name automatically, if we configure the firehose deliverystream using console.
Can't firehose create loggroup name and logstream name automatically like aws lambda do when configured through cloudformation?通过 cloudformation 配置时,firehose 不能像 aws lambda 一样自动创建日志组名称和日志流名称吗?
Thanks Any help is appreciated谢谢任何帮助表示赞赏
1 个解决方案
解决方案1
3 2020-05-23 09:42:49
Its resource dependent.它的资源依赖。 Some resources will create the log group for you, some not.有些资源会为您创建日志组,有些则不会。 Sometimes console does create them in the background.有时控制台会在后台创建它们。 When you use CloudFormation, usually you have to do everything yourself.当您使用 CloudFormation 时,通常您必须自己做所有事情。
In case of Firehose you can create the AWS::Logs::LogGroup and AWS::Logs::LogStream resources in CloudFormation.对于 Firehose,您可以在 CloudFormation 中创建AWS::Logs::LogGroup和AWS::Logs::LogStream AWS::Logs::LogGroup资源。 For example (yaml):例如(yaml):
MyFirehoseLogGroup:
Type: AWS::Logs::LogGroup
Properties:
RetentionInDays: 1
MyFirehoseLogStream:
Type: AWS::Logs::LogStream
Properties:
LogGroupName: !Ref MyFirehoseLogGroup
Then when you define your AWS::KinesisFirehose::DeliveryStream , you could reference them:然后,当您定义AWS::KinesisFirehose::DeliveryStream ,您可以引用它们:
CloudWatchLoggingOptions:
Enabled: true
LogGroupName: !Ref MyFirehoseLogGroup
LogStreamName: !Ref MyFirehoseLogStream
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.