You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: aws/logs_monitoring/README.md
+5-2Lines changed: 5 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -305,7 +305,7 @@ You can run the Forwarder in a VPC private subnet and send data to Datadog over
305
305
3. When installing the Forwarder with the CloudFormation template:
306
306
1. Set `DdUseVPC` to `true`.
307
307
2. Set `VPCSecurityGroupIds` and `VPCSubnetIds` based on your VPC settings.
308
-
3. Set `DdFetchLambdaTags` to `false`, because AWS Resource Groups Tagging API doesn't support PrivateLink.
308
+
3. Set `DdFetchLambdaTags`, `DdFetchStepFunctionsTags` and `DdFetchS3Tags` to `false`, because AWS Resource Groups Tagging API doesn't support PrivateLink.
309
309
310
310
#### DdUsePrivateLink is deprecated
311
311
@@ -326,7 +326,7 @@ If you must deploy the Forwarder to a VPC without direct public internet access,
326
326
1. Unless the Forwarder is deployed to a public subnet, follow the [instructions][15] to add endpoints for Secrets Manager and S3 to the VPC, so that the Forwarder can access those services.
327
327
2. Update your proxy with following configurations ([HAProxy][17] or [NGINX][18]). If you are using another proxy, or Web Proxy, allowlist the Datadog domain, for example: `.{{< region-param key="dd_site" code="true" >}}`.
328
328
3. When installing the Forwarder with the CloudFormation template, set `DdUseVPC`, `VPCSecurityGroupIds`, and `VPCSubnetIds`.
329
-
4. Ensure the `DdFetchLambdaTags` option is disabled, because AWS VPC does not yet offer an endpoint for the Resource Groups Tagging API.
329
+
4. Ensure the `DdFetchLambdaTags`, `DdFetchStepFunctionsTags` and `DdFetchS3Tags` options are disabled, because AWS VPC does not yet offer an endpoint for the Resource Groups Tagging API.
330
330
5. If you are using HAProxy or NGINX:
331
331
332
332
- Set `DdApiUrl` to `http://<proxy_host>:3834` or `https://<proxy_host>:3834`.
@@ -456,6 +456,9 @@ To test different patterns against your logs, turn on [debug logs](#troubleshoot
456
456
`DdFetchStepFunctionsTags`
457
457
: Let the Forwarder fetch Step Functions tags using GetResources API calls and apply them to logs and traces (if Step Functions tracing is enabled). If set to true, permission `tag:GetResources` will be automatically added to the Lambda execution IAM role.
458
458
459
+
`DdFetchS3Tags`
460
+
: Let the Forwarder fetch S3 tags using GetResources API calls and apply them to logs and traces. If set to true, permission `tag:GetResources` will be automatically added to the Lambda execution IAM role.
461
+
459
462
`DdStepFunctionsTraceEnabled`
460
463
: Set to true to enable tracing for all Step Functions.
0 commit comments