|
1 | 1 | AWSTemplateFormatVersion: '2010-09-09' |
2 | 2 | Transform: AWS::Serverless-2016-10-31 |
3 | | -Description: Pushes logs and metrics from AWS to Datadog. |
| 3 | +Description: Pushes logs, metrics and traces from AWS to Datadog. |
| 4 | +Parameters: |
| 5 | + DdApiKey: |
| 6 | + Type: String |
| 7 | + NoEcho: true |
| 8 | + Default: '' |
| 9 | + AllowedPattern: '([0-9a-f]{32}|$^)' |
| 10 | + ConstraintDescription: DdApiKey needs to be either empty or a hex string of length 32 |
| 11 | + Description: The Datadog API key - use DdKmsApiKey or DdApiKeySecretId for security |
| 12 | + DdKmsApiKey: |
| 13 | + Type: String |
| 14 | + NoEcho: true |
| 15 | + Default: '' |
| 16 | + Description: The KSM-encrypted Datadog API key |
| 17 | + DdApiKeySecretId: |
| 18 | + Type: String |
| 19 | + NoEcho: true |
| 20 | + Default: '' |
| 21 | + Description: The Secret Id to fetch the Datadog API key from Secrets Manager |
| 22 | + DdSite: |
| 23 | + Type: String |
| 24 | + Default: datadoghq.com |
| 25 | + AllowedValues: |
| 26 | + - datadoghq.com |
| 27 | + - datadoghq.eu |
| 28 | + ConstraintDescription: DdSite must be datadoghq.com or datadoghq.eu |
| 29 | + Description: Set to datadoghq.eu to send data to the Datadog EU site. |
| 30 | + DdTags: |
| 31 | + Type: String |
| 32 | + Default: '' |
| 33 | + Description: Add custom tags to the forwarded log entries, e.g., env:prod,stack:classic |
| 34 | + FunctionName: |
| 35 | + Type: String |
| 36 | + Default: 'DatadogForwarder' |
| 37 | + Description: The Datadog Forwarder Lambda function |
| 38 | + ReservedConcurrency: |
| 39 | + Type: Number |
| 40 | + Default: 100 |
| 41 | + Description: Reserved concurrency for the Datadog Forwarder Lambda function |
| 42 | + LogRetentionInDays: |
| 43 | + Type: Number |
| 44 | + Default: 90 |
| 45 | + Description: Log retention for the Datadog Forwarder Lambda function |
| 46 | +Conditions: |
| 47 | + SetDdApiKey: !Not [!Equals [!Ref DdApiKey, '']] |
| 48 | + SetDdKmsApiKey: !Not [!Equals [!Ref DdKmsApiKey, '']] |
| 49 | + SetDdApiKeySecretId: !Not [!Equals [!Ref DdApiKeySecretId, '']] |
| 50 | + SetDdTags: !Not [!Equals [!Ref DdTags, '']] |
4 | 51 | Resources: |
5 | | - loglambdaddfunction: |
| 52 | + DatadogForwarder: |
6 | 53 | Type: 'AWS::Serverless::Function' |
7 | 54 | Properties: |
8 | | - Description: Pushes logs and metrics from AWS to Datadog. |
| 55 | + FunctionName: !Ref FunctionName |
| 56 | + Description: Pushes logs, metrics and traces from AWS to Datadog. |
9 | 57 | Handler: lambda_function.lambda_handler |
10 | 58 | MemorySize: 1024 |
11 | | - Runtime: python2.7 |
| 59 | + Runtime: python3.7 |
12 | 60 | Timeout: 120 |
13 | 61 | Layers: |
14 | | - - !Sub 'arn:aws:lambda:${AWS::Region}:464622532012:layer:Datadog-Python27:3' |
15 | | - - !Sub 'arn:aws:lambda:${AWS::Region}:464622532012:layer:Datadog-Trace-Forwarder-Python27:1' |
16 | | - |
17 | | - Type: AWS::Serverless::Function |
| 62 | + - !Sub 'arn:aws:lambda:${AWS::Region}:464622532012:layer:Datadog-Python37:9' |
| 63 | + - !Sub 'arn:aws:lambda:${AWS::Region}:464622532012:layer:Datadog-Trace-Forwarder-Python37:1' |
| 64 | + Environment: |
| 65 | + Variables: |
| 66 | + DD_API_KEY: !If [SetDdApiKey, !Ref DdApiKey, !Ref AWS::NoValue] |
| 67 | + DD_KMS_API_KEY: !If [SetDdKmsApiKey, !Ref DdKmsApiKey, !Ref AWS::NoValue] |
| 68 | + DD_API_KEY_SECRET_ID: !If [SetDdApiKeySecretId, !Ref DdApiKeySecretId, !Ref AWS::NoValue] |
| 69 | + DD_TAGS: !If [SetDdTags, !Ref DdTags, !Ref AWS::NoValue] |
| 70 | + DD_SITE: !Ref DdSite |
| 71 | + ReservedConcurrentExecutions: !Ref ReservedConcurrency |
| 72 | + LogGroup: |
| 73 | + Type: 'AWS::Logs::LogGroup' |
| 74 | + Properties: |
| 75 | + LogGroupName: !Sub '/aws/lambda/${DatadogForwarder}' |
| 76 | + RetentionInDays: !Ref LogRetentionInDays |
| 77 | +Outputs: |
| 78 | + DatadogForwarderArn: |
| 79 | + Description: Datadog Forwarder Lambda Function ARN |
| 80 | + Value: !GetAtt DatadogForwarder.Arn |
| 81 | + Export: |
| 82 | + Name: !Sub '${AWS::StackName}-DatadogForwarderArn' |
0 commit comments