◾️はじめに
https://dk521123.hatenablog.com/entry/2025/09/17/224604
で、 「案2:S3イベント通知→EventBridge→CloudWatch Logs→Datadog」 という案を提示したが、そのTerraform コードを作ってみた
【1】やろうとしていること
s3 イベント(PUT/DELETE)をEventBridgeで拾い CloudWatch Logsにログを出力したい
【2】前提知識
1)EventBridge
* 詳細は、以下の関連記事を参照
EventBridge ~ 基礎知識編 ~
https://dk521123.hatenablog.com/entry/2021/06/08/213748
2)CloudWatch
* 詳細は、以下の関連記事を参照
CloudWatch ~ 基礎知識編 ~
https://dk521123.hatenablog.com/entry/2022/03/08/145856
【3】サンプル
例1:S3イベント通知→EventBridge→CloudWatch Logs
main.tf
provider "aws" { region = "us-west-2" } # s3 / IAM は既存のものを使う data "aws_s3_bucket" "target_s3" { bucket = "your-s3-bucket" } data "aws_iam_role" "target_role" { name = "your_s3_event_role" } # For CloudWatch # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group resource "aws_cloudwatch_log_group" "cloudwatch_for_s3events" { name = "aws/events/s3-event" retention_in_days = 7 } # For s3 notifications # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_notification # eventbridge - (Optional) Whether to enable Amazon EventBridge notifications. Defaults to false. # # Point1: Enable EventBridge notifications resource "aws_s3_bucket_notification" "eventbridge" { bucket = data.aws_s3_bucket.target_s3.id eventbridge = true } # For Event rule # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule # # Point2: Define event rule resource "aws_cloudwatch_event_rule" "s3_object" { name = "demo-s3-object" description = "For demo" event_pattern = jsonencode({ "detail-type" : ["Object Created"], "source" : ["aws.s3"], "detail" : { "bucket" : { "name" : [data.aws_s3_bucket.target_s3.bucket] }, "object" : { "key" : [{ "prefix" : "input-file/" }] } } }) } # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_resource_policy # # Point3: Define resource policy of CloudWatch Logs for CloudWatch Logs resource "aws_cloudwatch_log_resource_policy" "eventbridge_logs_policy" { policy_name = "demo-eventbridge-log-policy" policy_document = jsonencode({ Version = "2012-10-17", Statement = [ { Effect = "Allow", Principal = { Service = [ "events.amazonaws.com" ] }, Action = [ "logs:CreateLogStream", "logs:PutLogEvents" ], Resource = ["${aws_cloudwatch_log_group. cloudwatch_for_s3events.arn}:*"] } ] }) } # EventBridge to CloudWatch Logs # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target # # Point4: Associating event rule with CloudWatch Logs resource "aws_cloudwatch_event_target" "log_group" { rule = aws_cloudwatch_event_rule.s3_object.name arn = aws_cloudwatch_log_group.cloudwatch_for_s3events.arn depends_on = [ aws_cloudwatch_log_resource_policy.eventbridge_logs_policy ] }
関連記事
Terraform ~ 環境構築編 ~
https://dk521123.hatenablog.com/entry/2023/04/05/000224
Terraform ~ 入門編 ~
https://dk521123.hatenablog.com/entry/2019/12/09/222057
Terraform ~ 基本編 ~
https://dk521123.hatenablog.com/entry/2023/05/03/000000
Terraform ~ local ~
https://dk521123.hatenablog.com/entry/2023/12/24/173633
Terraform ~ tfstate / Backend ~
https://dk521123.hatenablog.com/entry/2023/05/05/004939
Terraform ~ Terraformあれこれ ~
https://dk521123.hatenablog.com/entry/2023/05/15/205352
Terraform ~ terraform initコマンド ~
https://dk521123.hatenablog.com/entry/2025/09/24/221918
Terraform ~ AWS Lambda / 入門編 ~
https://dk521123.hatenablog.com/entry/2024/05/30/010920
Terraform ~ 複数環境へデプロイすることを考える ~
https://dk521123.hatenablog.com/entry/2023/05/06/003645
Lambda ~ Python / 入門編 ~
https://dk521123.hatenablog.com/entry/2021/10/07/103317
Lambda ~ Python / 外部モジュール追加 ~
https://dk521123.hatenablog.com/entry/2024/05/25/005456
Lambda ~ Python / S3トリガー ~
https://dk521123.hatenablog.com/entry/2024/05/23/162229
datadog ~ s3 ファイル到達の監視を考える ~
https://dk521123.hatenablog.com/entry/2025/09/17/224604
Terraform ~ s3 ファイル到達の監視を考える ~
https://dk521123.hatenablog.com/entry/2025/09/18/003116
EventBridge ~ 基礎知識編 ~
https://dk521123.hatenablog.com/entry/2021/06/08/213748
CloudWatch ~ 基礎知識編 ~
https://dk521123.hatenablog.com/entry/2022/03/08/145856
