The purpose of this extension is to replace all TYPO3 FileWriter's with our custom CloudWatchWriter pushing the logs to aws.
The extension transforms the FileWriter logFile
and logFileInfix
to a aws (log) stream
configuration.
If a FileWriter is marked as disabled
(which is the case for the TYPO3 deprecation log by default) it will be removed.
Set follow ENV variables to activate the logging
AWS_LOGS=true
set, to activate the extensionAWS_LOG_GROUP=<ACCOUNT>-<ENVIRONMENT>
likelt4u-test-germany-test
for log aws LogGroup
In the ext_localconf.php
, add
// AWS CloudWatch - replace file writers if feature is active
\Cron\CronAwslogs\Util\ReplaceFileWriter::replaceIfActive();
to an extension which is loaded after others, setting FileWriter configurations.
The CloudWatchLogsClient uses available aws credentials or aws env vars by default.
Create an Access Key in an user (managed by the IAM Tool) with the "CloudWatchLogsFullAccess" permission policy. Set the Access Key credentials to the env vars below.
AWS_DEFAULT_REGION=eu-central-1
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
In ECS the permissions should be available as an IAM TaskRole policy, for example:
CloudWatchLogsPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- "logs:CreateLogStream"
- "logs:PutLogEvents"
Resource: !GetAtt LogGroup.Arn
- SDK for PHP 3.x - Package to interact with AWS
- PutLogEvents - to push logs to CloudWatch