Header menu logo FsCDK

Observability Module

Observability helpers for CloudTrail, CloudWatch, GuardDuty, and AWS Config. **Rationale:** - CloudTrail provides audit logs for compliance and security investigations - CloudWatch alarms enable proactive incident response - GuardDuty detects threats and anomalous behavior - AWS Config tracks resource configuration changes These tools are essential for: - Security monitoring and threat detection - Compliance auditing (SOC2, HIPAA, PCI-DSS) - Operational visibility and troubleshooting - Cost optimization through usage tracking

Types

Type Description

AlarmTemplate

Template for common CloudWatch alarm configurations

Functions and values

Function or value Description

createALB5xxAlarm alarmName loadBalancerFullName threshold evaluationPeriods

Full Usage: createALB5xxAlarm alarmName loadBalancerFullName threshold evaluationPeriods

Parameters:
    alarmName : string - Name of the alarm
    loadBalancerFullName : string - ALB full name (e.g., app/my-lb/1234567890abcdef)
    threshold : float option - Error count threshold (default: 10)
    evaluationPeriods : int option - Number of periods to evaluate (default: 2)

Returns: AlarmProps

Creates a CloudWatch alarm for ALB 5xx errors

alarmName : string

Name of the alarm

loadBalancerFullName : string

ALB full name (e.g., app/my-lb/1234567890abcdef)

threshold : float option

Error count threshold (default: 10)

evaluationPeriods : int option

Number of periods to evaluate (default: 2)

Returns: AlarmProps

createAlarmFromTemplate alarmName template

Full Usage: createAlarmFromTemplate alarmName template

Parameters:
Returns: AlarmProps

Creates a CloudWatch alarm from a template

alarmName : string
template : AlarmTemplate
Returns: AlarmProps

createCloudTrail trailName bucket includeGlobalEvents

Full Usage: createCloudTrail trailName bucket includeGlobalEvents

Parameters:
    trailName : string - Name of the CloudTrail
    bucket : IBucket option - Optional S3 bucket for logs (creates one if not provided)
    includeGlobalEvents : bool - Include global service events (IAM, CloudFront, etc.)

Returns: TrailProps

Creates a CloudTrail with encrypted logs stored in S3

trailName : string

Name of the CloudTrail

bucket : IBucket option

Optional S3 bucket for logs (creates one if not provided)

includeGlobalEvents : bool

Include global service events (IAM, CloudFront, etc.)

Returns: TrailProps

createLambdaErrorAlarm alarmName functionName threshold evaluationPeriods

Full Usage: createLambdaErrorAlarm alarmName functionName threshold evaluationPeriods

Parameters:
    alarmName : string - Name of the alarm
    functionName : string - Lambda function name to monitor
    threshold : float option - Error count threshold (default: 5)
    evaluationPeriods : int option - Number of periods to evaluate (default: 1)

Returns: AlarmProps

Creates a CloudWatch alarm for Lambda function errors

alarmName : string

Name of the alarm

functionName : string

Lambda function name to monitor

threshold : float option

Error count threshold (default: 5)

evaluationPeriods : int option

Number of periods to evaluate (default: 1)

Returns: AlarmProps

createRDSCpuAlarm alarmName dbInstanceIdentifier threshold evaluationPeriods

Full Usage: createRDSCpuAlarm alarmName dbInstanceIdentifier threshold evaluationPeriods

Parameters:
    alarmName : string - Name of the alarm
    dbInstanceIdentifier : string - RDS instance identifier
    threshold : float option - CPU percentage threshold (default: 80)
    evaluationPeriods : int option - Number of periods to evaluate (default: 2)

Returns: AlarmProps

Creates a CloudWatch alarm for RDS CPU utilization

alarmName : string

Name of the alarm

dbInstanceIdentifier : string

RDS instance identifier

threshold : float option

CPU percentage threshold (default: 80)

evaluationPeriods : int option

Number of periods to evaluate (default: 2)

Returns: AlarmProps

Type something to start searching.