How to use the @pulumi/aws.cloudwatch function in @pulumi/aws
To help you get started, we’ve selected a few @pulumi/aws examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
pulumi / pulumi-cloud / aws / logCollector.ts View on Github 
const zlib = await import("zlib");
const payload = new Buffer(ev.awslogs.data, "base64");
const result = zlib.gunzipSync(payload);
console.log(result.toString("utf8"));
cb(null, {});
} catch (err) {
cb(err);
}
},
{ parent: this },
);
this.lambda = collector.lambda;
// Although Lambda will create this on-demand, we create the log group explicitly so that we can delete it when
// the stack gets torn down.
const logGroup = new aws.cloudwatch.LogGroup(name, {
name: this.lambda.name.apply(n => "/aws/lambda/" + n),
}, { parent: this });
const region = aws.config.requireRegion();
const permission = new aws.lambda.Permission(name, {
action: "lambda:invokeFunction",
function: this.lambda,
principal: "logs." + region + ".amazonaws.com",
}, { parent: this });
}
}const clean = GraphqlWsOverWebSocketOverHttpStorageCleaner({
connectionStorage: webSocketOverHttpStorage.connections,
subscriptionStorage: webSocketOverHttpStorage.subscriptions,
})
await clean()
console.log("End storage cleanup lambda callback")
return
}
})
/** EventRule that produces events on a regular interval that will trigger the cleanupStorageLambdaFunction */
const storageCleanupSchedulerEventRule = new aws.cloudwatch.EventRule(`${name}-storageCleanupScheduler`, {
description: "Every 1 minute",
// https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html
scheduleExpression: "rate(1 minute)",
});
const storageCleanupEventSubscription = new aws.cloudwatch.EventRuleEventSubscription(
`${name}-storageCleanup-es`,
storageCleanupSchedulerEventRule,
cleanupStorageLambdaFunction,
{},
)
return { routes };
};});
let lambda = new aws.lambda.Function("mylambda", {
code: new asset.AssetArchive({
"index.js": new asset.StringAsset(
"exports.handler = (e, c, cb) => cb(null, {statusCode: 200, body: 'Hello, world!'});",
),
}),
role: role.arn,
handler: "index.handler",
runtime: aws.lambda.NodeJS6d10Runtime,
});
///////////////////
// Logging
///////////////////
let logGroup = new aws.cloudwatch.LogGroup("/aws/lambda/mylambda", {
retentionInDays: 7,
});
let logcollector = new aws.lambda.Function("mylambda-logcollector", {
code: new asset.AssetArchive({
"index.js": new asset.StringAsset(
"exports.handler = (e, c, cb) => console.log(e);",
),
}),
role: role.arn,
handler: "index.handler",
runtime: aws.lambda.NodeJS6d10Runtime,
});
let permission = new aws.lambda.Permission("logcollector-permission", {
action: "lambda:InvokeFunction",memorySize: functionMemorySize,
};
if (runLambdaInVPC) {
const network: Network | undefined = getNetwork();
// TODO[terraform-providers/terraform-provider-aws#1507]: Updates which cause existing Lambdas to need to
// add VPC access will currently fail due to an issue in the Terraform provider.
options.policies.push(aws.iam.AWSLambdaVPCAccessExecutionRole);
options.vpcConfig = {
securityGroupIds: network!.securityGroupIds,
subnetIds: network!.subnetIds,
};
}
this.lambda = new aws.serverless.Function(name, options, handler, { parent: this }).lambda;
// And then a log group and subscription filter for that lambda.
const _ = new aws.cloudwatch.LogSubscriptionFilter(name, {
logGroup: new aws.cloudwatch.LogGroup(name, {
name: this.lambda.name.then((n: string | undefined) => n && ("/aws/lambda/" + n)),
retentionInDays: 1,
}, { parent: this }),
destinationArn: getLogDestinationArn(),
filterPattern: "",
}, { parent: this });
}
}constructor(name: string, cluster: module.Cluster,
args: ClusterTaskDefinitionArgs, isFargate: boolean,
opts?: pulumi.ComponentResourceOptions) {
const logGroup = args.logGroup || new aws.cloudwatch.LogGroup(name, {
retentionInDays: 1,
}, opts);
const taskRole = args.taskRole || createTaskRole(opts);
const executionRole = args.executionRole || createExecutionRole(opts);
const containers = args.containers;
const exposedPortOpt = getExposedPort(name, cluster, containers);
// todo(cyrusn): volumes.
// // Find all referenced Volumes.
// const volumes: { hostPath?: string; name: string }[] = [];
// for (const containerName of Object.keys(containers)) {
// const container = containers[containerName];
// // Collect referenced Volumes.},
);
// Attach CloudWatch Logs policies to a role.
function attachLogPolicies(name: string, arn: pulumi.Input) {
new aws.iam.RolePolicyAttachment(name,
{ policyArn: fluentdCloudWatchPolicy.arn, role: arn},
);
}
attachLogPolicies("stdRpa", stdNodegroupIamRoleName);
attachLogPolicies("perfRpa", perfNodegroupIamRoleName);
// Deploy fluentd using the Helm chart.
const provider = new k8s.Provider("provider", {kubeconfig: config.kubeconfig});
const fluentdCloudWatchLogGroup = new aws.cloudwatch.LogGroup(name);
export let fluentdCloudWatchLogGroupName = fluentdCloudWatchLogGroup.name;
const fluentdCloudwatch = new k8s.helm.v2.Chart(name,
{
namespace: config.clusterSvcsNamespaceName,
chart: "fluentd-cloudwatch",
version: "0.11.0",
fetchOpts: {
repo: "https://kubernetes-charts-incubator.storage.googleapis.com/",
},
values: {
extraVars: [ "{ name: FLUENT_UID, value: '0' }" ],
rbac: {create: true},
awsRegion: aws.config.region,
logGroupName: fluentdCloudWatchLogGroup.name,
},
transformations: [Name: "HelloWorld",
},
});
const instanceMetric = awsx.ec2.metrics.cpuUtilization({ instance });
const instanceAlarm = instanceMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const cluster = new aws.ecs.Cluster("foo", {});
const clusterMetric = awsx.ecs.metrics.cpuUtilization({ cluster, unit: "Percent" });
const clusterAlarm = clusterMetric.createAlarm("alarm" + alarmIndex++, { threshold: 50, evaluationPeriods: 2 });
const userPool = new aws.cognito.UserPool("pool", {});
const userPoolMetric = awsx.cognito.metrics.compromisedCredentialsRisk({ userPool });
const userPoolAlarm = userPoolMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const eventRule = new aws.cloudwatch.EventRule("console", {
description: "Capture each AWS Console Sign In",
eventPattern: `{
"detail-type": [
"AWS Console Sign In via CloudTrail"
]
}
`,
});
const eventRuleMetric = awsx.cloudwatch.metrics.events.deadLetterInvocations({ eventRule });
const eventRuleAlarm = eventRuleMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const logGroup = new aws.cloudwatch.LogGroup("yada", {
tags: {
Application: "serviceA",
Environment: "production",
},this.scheduleExpression = scheduleExpression;
this.function = createFunction(
name,
(ev: any, ctx: aws.serverless.Context, cb: (error: any, result: any) => void) => {
handler().then(() => {
cb(null, null);
}).catch((err: any) => {
cb(err, null);
});
},
{ parent: this },
);
this.rule = new aws.cloudwatch.EventRule(name, {
scheduleExpression: scheduleExpression,
}, { parent: this });
this.target = new aws.cloudwatch.EventTarget(name, {
rule: this.rule.name,
arn: this.function.lambda.arn,
targetId: name,
}, { parent: this });
const permission = new aws.lambda.Permission(name, {
action: "lambda:invokeFunction",
function: this.function.lambda,
principal: "events.amazonaws.com",
sourceArn: this.rule.arn,
}, { parent: this });
this.scheduleExpression = scheduleExpression;const userPoolMetric = userPool.metrics.compromisedCredentialsRisk();
const userPoolAlarm = userPoolMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const eventRule = new aws.cloudwatch.EventRule("console", {
description: "Capture each AWS Console Sign In",
eventPattern: `{
"detail-type": [
"AWS Console Sign In via CloudTrail"
]
}
`,
});
const eventRuleMetric = eventRule.metrics.deadLetterInvocations();
const eventRuleAlarm = eventRuleMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const logGroup = new aws.cloudwatch.LogGroup("yada", {
tags: {
Application: "serviceA",
Environment: "production",
},
});
const logGroupMetric = logGroup.metrics.incomingBytes({ unit: "Megabytes" });
const logGroupAlarm = logGroupMetric.createAlarm("alarm" + alarmIndex++, { threshold: 512, evaluationPeriods: 2 });Name: "HelloWorld",
},
});
const instanceMetric = instance.metrics.cpuUtilization();
const instanceAlarm = instanceMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const cluster = new aws.ecs.Cluster("foo", {});
const clusterMetric = cluster.metrics.cpuUtilization({ unit: "Percent" });
const clusterAlarm = clusterMetric.createAlarm("alarm" + alarmIndex++, { threshold: 50, evaluationPeriods: 2 });
const userPool = new aws.cognito.UserPool("pool", {});
const userPoolMetric = userPool.metrics.compromisedCredentialsRisk();
const userPoolAlarm = userPoolMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const eventRule = new aws.cloudwatch.EventRule("console", {
description: "Capture each AWS Console Sign In",
eventPattern: `{
"detail-type": [
"AWS Console Sign In via CloudTrail"
]
}
`,
});
const eventRuleMetric = eventRule.metrics.deadLetterInvocations();
const eventRuleAlarm = eventRuleMetric.createAlarm("alarm" + alarmIndex++, { threshold: 120, evaluationPeriods: 2 });
const logGroup = new aws.cloudwatch.LogGroup("yada", {
tags: {
Application: "serviceA",
Environment: "production",
},@pulumi/aws
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
Package Health Score
92 / 100Popular @pulumi/aws functions
- @pulumi/aws.apigateway
- @pulumi/aws.autoscaling
- @pulumi/aws.cloudwatch
- @pulumi/aws.config
- @pulumi/aws.dynamodb
- @pulumi/aws.ec2
- @pulumi/aws.ecr
- @pulumi/aws.ecs
- @pulumi/aws.efs
- @pulumi/aws.elasticloadbalancingv2
- @pulumi/aws.getAmi
- @pulumi/aws.getAvailabilityZones
- @pulumi/aws.iam
- @pulumi/aws.lambda
- @pulumi/aws.rds
- @pulumi/aws.route53
- @pulumi/aws.s3
- @pulumi/aws.sdk
- @pulumi/aws.serverless
- @pulumi/aws.sns