We have a CloudFormation stack that automates the setup of your AWS account connection to our log monitoring service. Below is a list of the permissions this CloudFormation stack will require, which operations our system can perform and why we need those.
In case you would like to review the YAML file directly, here is the link to the CloudFormation stack hosted in an S3 bucket owned by Dashbird.
|Services||Operations||Why we need these permissions|
Put Subscription Filter
Describe Subscription Filters
Filter Log Events
Describe Log Streams
|Discover and access the logs produced by your Lambdas, so that we can do our magic|
|Identify your Lambda functions for monitoring|
|Link your Lambda logs to X-Ray traces for easy debugging and monitoring|
|Identify your API Gateways and monitor them|
|CloudWatch Events help complement data monitored by Dashbird|
|Maintain our CloudFormation stack to make sure your AWS account is properly connected to Dashbird|
|Make sure we have all subscriptions in place to monitor your Lambda logs|
The services below aren’t currently being monitored by Dashbird and we don’t use those permissions yet. They are listed in our stack because we have a plan to offer support to those services. We wanted to future-proof our stack and be able to broaden our support to the AWS cloud stack.
Can't find what you're looking for? We'd love to help. Send us a message through the chat bubble or email us.