By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

The landing zone accelerator, log everything to centralized logging account by default so what does "enable" parameter does.

0

In the landing zone configuration reference, there is a config parameter called "enable" and the description written as this. "Enable or disable CloudWatch replication" What does that mean. I checked the s3 bucket in central log account and all the buckets are already created and the logs are being stored there. So what does this enable ?

Topics
Security, Identity, & ComplianceInfrastructure as Code
Tags
Landing Zone Accelerator on AWS
Language
English
Aman Singh
asked 4 months ago197 views
1 Answer
0

I believe this streams all cloud watch log groups in core and workload accounts to kinesis firehouse and then stores them in the central s3 bucket.

Via a cloud formation stack It deploys a lambda function and cloud watch event to monitor for new log group creation at which point it configures retention, kms and filtering to firehouse.

profile picture
EXPERT
Gary Mclean
answered 4 months ago
  • Aman Singh
    4 months ago

    Yeah this is mentioned in document, but it seems LZA does this by default. So what this "enable" config property do on top of it ?

  • Gary Mclean EXPERT
    4 months ago

    I’d have to read all the CF config but I assume if you set it to false it will not setup all or part of the central cloud watch log replication. Ie it will not configure cloud watch log streaming via kineses. I believe it’s true by default.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content