AWS CloudWatch Setup Guidelink
Follow our step-by-step guide to integrate Fivetran logs into your AWS CloudWatch platform.
Prerequisiteslink
To connect AWS Cloudwatch to Fivetran, you need an AWS account that grants permission to write logs.
Setup instructionslink
Find external IDlink
- On the Destinations list, choose the destination, to which you want to connect a log service.
- Click Connect Your Logging Service.
- Select AWS CloudWatch from the list.
- Make note of the External ID. You will need it to configure AWS Cloudwatch.
Create IAM policylink
In your AWS account, open IAM Management Console.
Click Policies.
Click Create policy.
Select the JSON tab.
Copy the following section into the space provided in the Json tab:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "*" } ] }
Click Review policy.
In the Review policy page, fill the Name field with the value
Fivetran-CloudWatch-Logs-Access
.Click Create policy.
Create IAM rolelink
Select Roles from the sidebar menu, then click Create role.
In the Select type of trusted entity section, click Another AWS account. In the Account ID field, enter Fivetran's account ID
834469178297
.In the Options section, click Require external ID. Enter the External ID you found in Step 1 .
Click Next: Permissions.
Find and select the Fivetran-CloudWatch-Logs-Access policy, then click Next: Review.
Name your role, then click Create role.
In the
Roles
section, select the role you just created and note the Role ARN. You will need it to configure Fivetran.
Finish Fivetran configurationlink
- Return to the external log setup form.
- Enter the Log Group Name.
- Enter the Role ARN you created in Step 3.
- Select Region from the dropdown options.
- Click Save & Test.
IMPORTANT: The Log Group Name should follow the
^[.\-_/#A-Za-z0-9]+$
pattern.
Related articleslink
description Connector Overview