CloudWatch log subscription from Lambda doesn't show in the AWS Console UI, if created via CLI

0

If I have a Lambda that's set up to ingest CloudWatch logs from a particular log group, I can add a trigger via the UI and it will be listed along with that Lambda under "Configuration" > "Triggers". It will also be listed if I go to the log group itself in CloudWatch and select "Subscription filters".

However, I can accomplish much the same thing via the CLI by doing the following:

aws logs put-subscription-filter --log-group-name [whatever-the-name-is] --filter-name [a-name-for-the-subscription] --filter-pattern "" --destination-arn "arn:aws:lambda:[region]:[id]:[the-lambda-in-question]" --distribution ByLogStream

If I do this it will show up as a "Subscription filter" for the log group, but not as a "Trigger" for the Lambda. It still works the same way, though.

1 Answer
0

Hi there

Here are the steps to configure an Amazon CloudWatch subscription filter to invoke an AWS Lambda Function:

  1. You will need to grant CloudWatch Logs permission to invoke the Lambda Function using the "AddPermission" API:

********** CLI Command **********

aws lambda add-permission \
  --function-name "FunctionName" \
  --statement-id "AllowCWToInvokeLambdaFunction" \
  --principal "logs.amazonaws.com" \
  --action "lambda:InvokeFunction" \
  --source-arn "arn:aws:logs:region:AccountID:log-group:YourLogGroup:*" \
  --source-account "AccountID"

********** CLI Command **********

---> Replace "FunctionName" with the name of your Lambda Function.
---> Replace "AccountID" with your AWS Account ID.
---> Replace "YourLogGroup" with the name of your CloudWatch Log Group.

  2. Create a Subscription Filter using the "PutSubscriptionFilter" API to send Log Events that contain a keyword. In the below example, the keyword "ERROR" is being used:

********** CLI Command **********

aws logs put-subscription-filter \
  --log-group-name YourLogGroup \
  --filter-name demo \
  --filter-pattern "ERROR" \
  --destination-arn arn:aws:lambda:region:AccountID:function:FunctionName

********** CLI Command **********

---> Replace "FunctionName" with the name of your Lambda Function.
---> Replace "AccountID" with your AWS Account ID.
---> Replace "YourLogGroup" with the name of your CloudWatch Log Group.

The CloudWatch Log Group "YourLogGroup" will invoke the Lambda Function when it receives a Log Event with the "ERROR" keyword.

References: [1] https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/SubscriptionFilters.html#LambdaFunctionExample

AWS
SUPPORT ENGINEER
TheLich
answered a year ago
  • Yeah, that's what I did. And it does work. I'm just pointing out that it has different visibility than I was expecting, because if I do it via the UI it shows up both as a "Subscription filter" for the log group and as a "Trigger" for the Lambda, but if I do it via the CLI it doesn't show up as a "Trigger", only a "Subscription filter".
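Because a filter created from the CLI is listed only on the log group, a review of what can invoke a function has to start from the subscription filters and reconcile them with the function's resource policy. The following is an added example, not code from the question or the answer; the ARNs, account ID, region and log group names are constructed, and it assumes the log groups live in the same account and region as the function.

```python
from fnmatch import fnmatchcase

FUNCTION_ARN = "arn:aws:lambda:us-east-1:111122223333:function:ingest"  # constructed
# Constructed sample, shaped like `aws logs describe-subscription-filters` output.
FILTERS = [
    {"logGroupName": "/app/orders", "filterName": "demo", "destinationArn": FUNCTION_ARN},
    {"logGroupName": "/app/billing", "filterName": "all", "destinationArn": FUNCTION_ARN},
    {"logGroupName": "/app/audit", "filterName": "other",
     "destinationArn": "arn:aws:lambda:us-east-1:111122223333:function:unrelated"},
]
# Constructed sample, shaped like the Policy document from `aws lambda get-policy`
# after the add-permission call shown in the answer.
POLICY = {"Statement": [{
    "Sid": "AllowCWToInvokeLambdaFunction",
    "Effect": "Allow", "Principal": {"Service": "logs.amazonaws.com"},
    "Action": "lambda:InvokeFunction", "Resource": FUNCTION_ARN,
    "Condition": {
        "ArnLike": {"AWS:SourceArn": "arn:aws:logs:us-east-1:111122223333:log-group:/app/orders:*"},
        "StringEquals": {"AWS:SourceAccount": "111122223333"},
    },
}]}

def source_arn(stmt):
    """Return the statement's SourceArn pattern, or None if it has no such condition."""
    for op, keys in stmt.get("Condition", {}).items():
        for key, value in keys.items():
            if op.lower() == "arnlike" and key.lower() == "aws:sourcearn":
                return value
    return None

def audit(filters, policy, function_arn):
    """Map each log group subscribed to function_arn to the permission that covers it."""
    region, account = function_arn.split(":")[3:5]
    grants = [s for s in policy["Statement"]
              if s.get("Effect") == "Allow"
              and isinstance(s.get("Principal"), dict)
              and s["Principal"].get("Service") == "logs.amazonaws.com"
              and s.get("Action") == "lambda:InvokeFunction"]
    patterns = [source_arn(s) for s in grants]
    report = {}
    for f in filters:
        if f["destinationArn"] != function_arn:
            continue  # filter feeds a different destination
        group_arn = f"arn:aws:logs:{region}:{account}:log-group:{f['logGroupName']}:*"
        # fnmatchcase approximates ArnLike wildcard matching for this check.
        matched = any(p and fnmatchcase(group_arn, p) for p in patterns)
        report[f["logGroupName"]] = ("scoped-permission" if matched else
            "unscoped-permission" if None in patterns else "no-matching-permission")
    return report
```

An "unscoped-permission" result means a statement lets logs.amazonaws.com invoke the function without a source ARN condition, which is broader than the grant in step 1 of the answer.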
