Skip to content

AWS CloudWatch Logs source

Consumes logs from Amazon CloudWatch Logs.

With tmctl:

tmctl create source awscloudwatchlogs --arn <arn> --auth.credentials.accessKeyID <keyID> --auth.credentials.secretAccessKey <key>

On Kubernetes:

apiVersion: sources.triggermesh.io/v1alpha1
kind: AWSCloudWatchLogsSource
metadata:
  name: sample
spec:
  arn: 'arn:aws:logs:us-west-2:123456789012:log-group:/aws/lambda/lambdadumper:*'
  pollingInterval: 5m

  auth:
    credentials:
      accessKeyID:
        valueFromSecret:
          name: awscreds
          key: aws_access_key_id
      secretAccessKey:
        valueFromSecret:
          name: awscreds
          key: aws_secret_access_key

  sink:
    ref:
      apiVersion: eventing.knative.dev/v1
      kind: Broker
      name: default

Alternatively you can use an IAM role for authentication instead of an access key and secret, for Amazon EKS only:

auth:
  iamrole: arn:aws:iam::123456789012:role/foo

To setup an IAM role for service accounts, please refer to the official AWS documentation.

Events produced have the following attributes:

See the Kubernetes object reference for more details.