Stream AWS CloudFront standard logs that are stored in S3 into AWS CloudWatch Logs.
This service involves the following steps for each CloudFront Distribution in the config list:
-
Create CloudFront Custom Resource to get the Logging configuration.
-
Create the CloudWatch log group.
-
Create IAM Role with the relevant permission to access S3 and write logs to CloudWatch.
-
Create the Lambda Function with the necessary logic to extract the logs and send it to CloudWatch.
-
Attach the IAM Role to the Lambda Function.
-
Create EventBridge Rule for notification between S3 Bucket and Lambda Function.
As CloudFront Distribution configuration is part of another service. To deploy
this service is required to enable and configure the Standard Logs
before.
Add the desired Distribution IDs for each environment on the config files:
config/development.ts
config/production.ts
export const developmentConfig: Config = {
distributionIdList: ['XXXXXXXXXXXXX', 'XXXXXXXXXXXXX'],
cdkStackProps: {
env: {
account: '000000000000',
region: 'ap-southeast-2'
},
tags
}
};
yarn install
install packagesyarn upgrade-interactive
easy way to update outdated packagesyarn format
formats all files supported by Prettier in the current directory and its subdirectoriesyarn test
perform the jest unit testsyarn clean
clean up yarn caches, remove node_modules and yarn.lockyarn cdk diff
compare deployed stack with current stateyarn cdk synth
emits the synthesized CloudFormation template