[Forwarder] Private link support (VPC configuration support through CF template)
https://docs.datadoghq.com/agent/guide/private-link/?tab=logs#client-configuration
The above documentation is a little misleading since the default CloudFormation template doesn’t seem to support enabling VPC/subnets/security group. It also can’t be added by brute force unless you attach the missing AWSLambdaVPCAccessExecutionRole to the role.
I could be missing something, but it’s not entirely obvious. Are you guys planning on adding these config parameters at some point? I can send a PR, but this will introduce some pretty obnoxious branching/parameter collecting that you guys are going to be able to pump out a lot faster/cleaner.
AWS::Serverless::Function would need a branching for VpcConfig:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html
Also the execution role will need the AWS managed AWSLambdaVPCAccessExecutionRole.
I got it working, but I’m just drifting the stack and brute forcing my way there, just not a long term solution.
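The branching described in the issue above, sketched as an added example (not part of the original post and not the forwarder's actual template): VpcConfig and the AWSLambdaVPCAccessExecutionRole managed policy are attached only when subnets are supplied. All parameter, condition and resource names, the handler, runtime and CodeUri are hypothetical.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Parameters:
  ExampleSubnetIds:            # hypothetical parameter; leave empty to stay outside a VPC
    Type: CommaDelimitedList
    Default: ""
  ExampleSecurityGroupIds:     # hypothetical parameter
    Type: CommaDelimitedList
    Default: ""
Conditions:
  # True only when at least one subnet ID was passed in.
  UseVpc: !Not [!Equals [!Join ["", !Ref ExampleSubnetIds], ""]]
Resources:
  ExampleForwarderRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
        # Needed so Lambda can create and delete ENIs in the VPC;
        # omitted entirely when the function is not attached to one.
        - !If
          - UseVpc
          - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
          - !Ref AWS::NoValue
  ExampleForwarder:
    Type: AWS::Serverless::Function
    Properties:
      Handler: lambda_function.lambda_handler   # placeholder
      Runtime: python3.12                       # placeholder
      CodeUri: ./forwarder                      # placeholder
      Role: !GetAtt ExampleForwarderRole.Arn
      # The VpcConfig branch: present only when subnets are supplied.
      VpcConfig: !If
        - UseVpc
        - SubnetIds: !Ref ExampleSubnetIds
          SecurityGroupIds: !Ref ExampleSecurityGroupIds
        - !Ref AWS::NoValue
```

Managing both pieces in the template avoids the stack drift that comes from editing the function and role by hand.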
Top GitHub Comments
We’ve added Private Link in the latest release, 3.11.0. I’m closing this issue for now, but feel free to re-open if you have any issues.
This is exciting! I’m beginning on the exact same path as @rromanchuk over the past week; when I realized there was no VPC, so it couldn’t use my privatelink, is when I searched and found this. I think I’ll be manually modifying my lambdas in the meantime, but definitely interested in seeing this update.
It’s probably much more important for the forwarder as logs can end up being quite a few GB in some cases, but I’m also looking at it for the RDS enhanced metrics lambda even though it’s just api/metrics, small traffic. Since all the agents and everything else would be using private link, it seems funny to just have the one going over the internet gateway.