Amazon CloudTrail to AWS Lambda to Amazon OpenSearch

Amazon CloudTrail → AWS Lambda → Amazon OpenSearch

Create an OpenSearch cluster in VPC that receives CloudTrail CloudWatch Logs from Lambda.

This project contains a sample AWS CDK template to create Amazon CloudTrail, a CloudWatch Logs Group, AWS Lambda function and Amazon OpenSearch serverless collection.

The EventBridge rule publishes matched events to CloudWatch Logs from CloudTrail.

The Lambda function indexes those logs to Amazon OpenSearch which can be further viewed from the Amazon OpenSearch dashboard.

< Back to all patterns

Language:: Python
Framework:: AWS CDK

Download this pattern (.zip)

View this pattern on GitHub

Clone repo

git clone https://github.com/aws-samples/serverless-patterns/cd serverless-patterns/cloudtrail-streaming-to-opensearch-serverless-cdk

Deploy

cdk deploy

Testing

See the GitHub repo for detailed testing instructions.

Cleanup

Delete the stack: cdk destroy.

Additional resources

Ingesting data into Amazon OpenSearch Serverless collections

Fine-grained access control in Amazon OpenSearch Service

Created by:

Rupesh Tiwari

Senior Solutions Architect at AWS Global Financial Services.

Follow on LinkedIn