- Open the AWS integration tile within the Datadog platform.
- Click "Add an account".
- Enter your AWS Account ID, e.g., 123456789012.
- Enter IAM Role name
DatadogIntegrationRole(needs to match the value ofIAMRoleNamein the next step). - Copy the External ID for the next step to use.
- Log into your admin AWS account/role and deploy the CloudFormation Stack with the button above.
- Fill in all the
Requiredparameters. - Optinally edit
LogArchivesandCloudTrailsto configure Log Archives and CloudTrail integration. - On a rare occasion, if you already have a stack deployed in the same AWS account using this template (e.g., monitor the same AWS account in multiple Datadog accounts), You MUST use a different role name for
IAMRoleNameand setInstallDatadogPolicyMacrotofalse. - Click Create stack.
- Fill in all the
This template creates the following AWS resources required by the Datadog AWS integration:
- An IAM role for Datadog to assume for data collection (e.g., CloudWatch metrics)
- The Datadog Forwarder Lambda function to ship logs from S3 and CloudWatch, custom metrics and traces from Lambda functions to Datadog
- The Datadog Forwarder only deploy to the AWS region where the AWS integration CloudFormation stack is launched. If you operate in multiple AWS regions, you can deploy the Forwarder stack (without the rest of the AWS integration stack) directly to other regions as needed.
- The Datadog Forwarder is installed with default settings as a nested stack, edit the nested stack directly to update the forwarder specific settings.
This CloudFormation stack only manages AWS resources required by the Datadog AWS integration. The actual integration configuration within Datadog platform can also be managed in CloudFormation using the custom resource Datadog::Integrations::AWS if you like.
If you prefer managing the AWS resources using Terraform, check out the sample Terraform configuration datadog_aws_integration.tf.