Consider supporting log ingest enablement through a resource like Datadog::Integrations::AWS #224
Description
Note:
If you have a feature request, you should contact support so the request can be properly tracked.
Is your feature request related to a problem? Please describe.
I would like to use a resource like Datadog::Integrations::AWS resources to enable log collection for the account within the AWS integration for the automatically set-up triggers referenced here: https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/?tab=awsconsole#automatically-set-up-triggers
Describe the solution you'd like
Create a resource like the Datadog::Integrations::AWS resource and examples that use it to allow specifying the collection of logs from sources with automatically set up triggers; including: API Gateway Access Logs, API Gateway Execution Logs, Application ELB Access Logs, Classic ELB Access Logs, CloudFront Access Logs, Lambda Logs, Redshift Logs, and S3 Access Logs.
A specification mechanism like the one for AccountSpecificNamespaceRules in the the Datadog::Integrations::AWS resource could be used to specify each log type in the resource configuration https://github.com/DataDog/datadog-cloudformation-resources/blob/master/datadog-integrations-aws-handler/datadog-integrations-aws.json#L69-L78
Another resource type besides Datadog::Integrations::AWS is likely useful since it will need to specify the ARN of the Datadog forwarder lambda being used.
Describe alternatives you've considered
We write our own CFN custom resource provider to handle this today, and roll that custom resource provider out to our accounts. It's a pain, and a maintenance burden that I'd rather not have.
We just end up posting to these Datadog APIs from that resource provider
- https://api.datadoghq.com/api/v1/integration/aws/logs
- https://api.datadoghq.com/api/v1/integration/aws/logs/services
Additional context
