- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Ensure logging is enabled for AWS CloudFront to track things like client IP addresses and access points.
Logging tracks requests made through the CDN. With this information, you can detect changes in requests, complete security audits, and use other AWS tooling such as AWS WAF to block requests from certain IP addresses.
Follow the Configuring and using standard logs docs to enable logging for AWS CloudFront.
Run create-bucket
to create an S3 bucket for your CloudFront log files.
create-bucket.sh
aws s3api create-bucket
--bucket your-bucket-name
Once the S3 bucket location is returned, run get-distribution-config
with your AWS CloudFront distribution ID to retrieve your distribution’s configuration information.
get-distrbution-config.sh
aws cloudfront get-distribution-config
--id ID000000000000
Create a new JSON file with the returned configuration. Enable logging and set an S3 bucket location (returned in step 1) to configure where the logs will be located. Save the file.
logging-enabled.json
{
"ETag": "ID000000000000",
"DistributionConfig": {
...
"Logging": {
"Bucket": "your-bucket-name.s3.amazonaws.com",
"Enabled": true,
},
...
}
}
}
Run update-distribution
to update your distribution with your distribution id
, the path of the configuration file (created in step 3), and your etag
.
update-distribution.sh
aws cloudfront update-distribution
--id ID000000000000
--distribution-config logging-enabled.json
--if-match ETAG1000000000