[PFR] Onboard APIGW as a source
jonrau1 opened this issue · comments
Story
As a user of SyntheticSun, I want to have API Gateway Access Logs onboarded so that I can use the enrichment, analysis and anomaly detection of the solution for my APIs
Definition of Done
- ES Index added to gewalthaufen.py
- Add a HTTP APIGWv2 deployment to Stage 3 CFN
- Add new resources:
- Lambda function to return values
- Lambda function to parse logs
- CloudWatch logs group for Access Logs
- Lambda permission for APIGW to invoke the function
- Lambda permissions & Log subscription for Access Logs
- Add ZIP lambda function to Stage-1/Artifacts
- Update both Stage 3 Architecture diagrams & readme steps
- Create helper script to add Access Logs in the correct format
- Integrate with WAF IP Insights
Nice to Have
N/A
Additional Information
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#aws-resource-apigatewayv2-api--examples
- https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/apigatewayv2.html#ApiGatewayV2.Client.update_stage
- https://bl.ocks.org/magnetikonline/c314952045eee8e8375b82bc7ec68e88
Need to develop access log helper script and update readme steps for Stage 3
Added wrong PR lol