Amazon S3 Source

Ce produit n'est pas pris en charge par le site Datadog que vous avez sélectionné. ().
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.
Disponible pour:

Logs

Use Observability Pipelines’ Amazon S3 source to receive logs from Amazon S3. Select and set up this source when you set up a pipeline.

Prerequisites

To use Observability Pipelines’ Amazon S3 source, you must configure a SQS queue to receive your S3 bucket notifications.

Set up the source in the pipeline UI

Select and set up this source when you set up a pipeline. The information below is for the source settings in the pipeline UI.

Only enter the identifiers for the Amazon S3 URL and, if applicable, the TLS key pass. Do not enter the actual values.
  1. Enter the identifier for your Amazon S3 URL. If you leave it blank, the default is used.
  2. Enter the AWS region.

Optional settings

AWS authentication

Select an AWS authentication option. If you select Assume role:

  1. Enter the ARN of the IAM role you want to assume.
  2. Optionally, enter the assumed role session name and external ID.

Enable TLS

Toggle the switch to Enable TLS. If you enable TLS, the following certificate and key files are required.
Note: All file paths are made relative to the configuration data directory, which is /var/lib/observability-pipelines-worker/config/ by default. See Advanced Worker Configurations for more information. The file must be owned by the observability-pipelines-worker group and observability-pipelines-worker user, or at least readable by the group or user.

  • Enter the identifier for your Amazon S3 key pass. If you leave it blank, the default is used.
  • Server Certificate Path: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509).
  • CA Certificate Path: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509).
  • Private Key Path: The path to the .key private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format.

Set secrets

These are the defaults used for secret identifiers and environment variables.

Note: If you enter identifiers for your secrets and then choose to use environment variables, the environment variable is the identifier entered and prepended with DD_OP. For example, if you entered PASSWORD_1 for a password identifier, the environment variable for that password is DD_OP_PASSWORD_1.

    • Amazon S3 URL identifier:
      • References the URL of the SQS queue to which the S3 bucket sends the notification events.
      • The default identifier is SOURCE_AWS_S3_SQS_URL.
    • Amazon S3 TLS passphrase identifier (when TLS is enabled):
      • The default identifier is SOURCE_AWS_S3_KEY_PASS.
    • Amazon S3 SQS URL:
      • The URL of the SQS queue to which the S3 bucket sends the notification events.
      • The default environment variable is DD_OP_SOURCE_AWS_S3_SQS_URL
    • AWS_CONFIG_FILE path:
      • The path to the AWS configuration file local to this node.
      • The default environment variable is AWS_CONFIG_FILE.
    • AWS_PROFILE name:
      • The name of the profile to use within these files.
      • The default environment variable is AWS_PROFILE.
    • AWS S3 TLS passphrase (when enabled):
      • The default environment variable is DD_OP_SOURCE_AWS_S3_KEY_PASS.

    AWS Authentication

    The Observability Pipelines Worker uses the standard AWS credential provider chain for authentication. See AWS SDKs and Tools standardized credential providers for more information.

    Permissions

    For Observability Pipelines to collect logs from Amazon S3, the following policy permissions are required:

    • s3:GetObject
    • sqs:ReceiveMessage
    • sqs:DeleteMessage