Install Serverless Monitoring for AWS Step Functions
Requirements
- The full Step Function execution length must be less than 15 minutes for full traces.
- Linked Lambda traces are supported for Node.js (layer v94+) and Python (layer v75+) runtimes.
Setup
For developers using Serverless Framework to deploy serverless applications, use the Datadog Serverless Framework Plugin.
If you have not already, install the Datadog Serverless Framework Plugin v5.40.0+:
serverless plugin install --name serverless-plugin-datadog
Ensure you have deployed the Datadog Lambda Forwarder, a Lambda function that ships logs from AWS to Datadog, and that you are using v3.74.0+. You may need to update your Forwarder.
Take note of your Forwarder’s ARN.
Add the following to your serverless.yml
:
custom:
datadog:
site: <DATADOG_SITE>
apiKeySecretArn: <DATADOG_API_KEY_SECRET_ARN>
forwarderArn: <FORWARDER_ARN>
enableStepFunctionTracing: true
- Replace
<DATADOG_SITE>
with
(ensure the correct SITE is selected on the right). - Replace
<DATADOG_API_KEY_SECRET_ARN>
with the ARN of the AWS secret where your Datadog API key is securely stored. The key needs to be stored as a plaintext string (not a JSON blob). The secretsmanager:GetSecretValue
permission is required. For quick testing, you can instead use apiKey
and set the Datadog API key in plaintext. - Replace
<FORWARDER_ARN>
with the ARN of your Datadog Lambda Forwarder, as noted previously.
For additional settings, see Datadog Serverless Framework Plugin - Configuration parameters.
For Node.js and Python runtimes, set mergeStepFunctionAndLambdaTraces:true
in your serverless.yaml
file. This links your Step Function traces with Lambda traces. If you have not instrumented your Lambda functions to send traces, you can follow the steps to add the Lambda layer for your preferred runtime.
If you have not already, install the Datadog CLI v2.18.0+.
npm install -g @datadog/datadog-ci
Ensure you have deployed the Datadog Lambda Forwarder, a Lambda function that ships logs from AWS to Datadog, and that you are using v3.74.0+. You may need to update your Forwarder.
Take note of your Forwarder’s ARN.
Instrument your Step Function.
datadog-ci stepfunctions instrument --step-function <STEP_FUNCTION_ARN> --forwarder <FORWARDER_ARN>
- Replace
<STEP_FUNCTION_ARN>
with the ARN of your Step Function. - Replace
<FORWARDER_ARN>
with the ARN of your Datadog Lambda Forwarder, as noted previously.
For more information about the datadog-ci stepfunctions
command, see the Datadog CLI documentation.
For Node.js and Python runtimes, add the flag --mergeStepFunctionAndLambdaTraces
in your command. This links your Step Function traces with Lambda traces. If you have not yet instrumented your Lambda functions to send traces, you can follow the steps to add the Lambda layer for your preferred runtime.
Enable all logging for your Step Function. In your AWS console, open your state machine. Click Edit and find the Logging section. There, set Log level to ALL
and enable the Include execution data checkbox.
Ensure you have deployed the Datadog Lambda Forwarder, a Lambda function that ships logs from AWS to Datadog, and that you are using v3.74.0+. You may need to update your Forwarder.
Take note of your Forwarder’s ARN.
Subscribe CloudWatch logs to the Datadog Lambda Forwarder. To do this, you have two options:
If you are using a different instrumentation method such as Serverless Framework or datadog-ci, enabling autosubscription may create duplicated logs. Choose one configuration method to avoid this behavior..
Enable tracing on your Step Function by adding a DD_TRACE_ENABLED
tag. Set the value to true
.
Set up tags. Open your AWS console and go to your Step Functions state machine. Open the Tags section and add env:<ENV_NAME>
and service:<SERVICE_NAME>
tags. The env
tag is required to see traces in Datadog, and it defaults to dev
. The service
tag defaults to the state machine’s name.
For Node.js and Python runtimes, you can link your Step Function traces to Lambda traces. On the Lambda Task, set the Parameters
key with the following:
"Parameters": {
"Payload.$": "States.JsonMerge($$, $, false)",
...
}
The JsonMerge
intrinsic function merges the Step Functions context object ($$
) with the original Lambda’s input payload ($
). Fields of the original payload overwrite the Step Functions context object if their keys are the same.
Example:
"Lambda Read From DynamoDB": {
"Type": "Task",
"Resource": "arn:aws:states:::lambda:invoke",
"Parameters": {
"Payload.$": "States.JsonMerge($$, $, false)",
"FunctionName": "${lambdaArn}"
},
"End": true
}
Alternatively, if you have business logic defined in the payload, you could also use the following:
"Lambda Read From DynamoDB": {
"Type": "Task",
"Resource": "arn:aws:states:::lambda:invoke",
"Parameters": {
"Payload": {
...
"Execution.$": "$$.Execution",
"State.$": "$$.State",
"StateMachine.$": "$$.StateMachine"
},
"FunctionName": "${lambdaArn}"
},
"End": true
}
If you have not yet instrumented your Lambda functions to send traces, you can follow the steps to add the Lambda layer for your preferred runtime.
See your Step Function metrics, logs, and traces in Datadog
After you have invoked your state machine, go to the Serverless app in Datadog. Search for service:<YOUR_STATE_MACHINE_NAME>
to see the relevant metrics, logs, and traces associated with that state machine. If you set the service
tag on your state machine to a custom value, search for service:<CUSTOM_VALUE>
.
If you cannot see your traces, see Troubleshooting.