I was setting up a “Datadog Forwarder Lambda function” in Terraform to send AWS ALB logs to Datadog. During the process, I got stuck at an unexpected point and melted my time, so here are some of the points I got stuck on.
Intraduction
I was configuring Terraform to send ALB logs to Datadog, looking at the official Datadog documentation.
I followed the steps below.
To start collecting logs from your AWS services:
- Set up the Datadog Forwarder Lambda function in your AWS account.
- Enable logging for your AWS service (most AWS services can log to a S3 bucket or CloudWatch Log Group).
- Set up the triggers that cause the Forwarder Lambda to execute when there are new logs to be forwarded. There are two ways to configure the triggers.
参考:https://docs.datadoghq.com/ja/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function
I had trouble setting up the “Datadog Forwarder Lambda function” in step 1 and got stuck and melted my time, so here are the points I got stuck on.
I hope this will help others who have similar problems.
Problem
I was implementing the Datadog Forwarder Lambda function in Terraform using the following document as a reference, but the Lambda failed with the error “The API key is not valid” even though the Datadog API Key is set.
ref:https://docs.datadoghq.com/ja/serverless/forwarder/#terraform
The image diagram is as follows.
![](https://gonkunblog.com/wp-content/uploads/2022/10/1ec3dfd986e5881b82d63e0d3364e232-300x182.jpg)
Lambda Erros
[ERROR] Exception: The API key is not valid.
Traceback (most recent call last):
File "/var/lang/lib/python3.8/imp.py", line 234, in load_module
return load_source(name, filename, file)
File "/var/lang/lib/python3.8/imp.py", line 171, in load_source
module = _load(spec)
File "<frozen importlib._bootstrap>", line 702, in _load
File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 843, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/opt/python/lambda_function.py", line 67, in <module>
raise Exception("The API key is not valid.")
I implemented Forwarder’s Lambda using the documentation as a guide.
resource "aws_cloudformation_stack" "datadog_forwarder" {
name = "datadog-forwarder"
capabilities = ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"]
parameters = {
DdApiKey = "this_value_is_not_used"
DdApiKeySecretArn = "REPLACE ME WITH THE SECRETS ARN"
FunctionName = "datadog-forwarder"
}
template_url = "https://datadog-cloudformation-template.s3.amazonaws.com/aws/forwarder/latest.yaml"
}
Root Cause
This was due to the fact that the region issuing the Datadog API Key was different from the Datadog site to which the metrics and logs were sent.
![](https://gonkunblog.com/wp-content/uploads/2022/10/b0b5b6a01da3a80670c7d6e855492d46-300x26.png)
![](https://gonkunblog.com/wp-content/uploads/2022/10/111250b53ddb74f56a3a8544a8e373f5-300x182.jpg)
Specifying the region with “DdSite” instead of the default value resolved the “The API key is not valid” error.
![](https://gonkunblog.com/wp-content/uploads/2022/10/64bd877dfdf8a058d899e40011b4cd3c-300x182.jpg)
The code is as follows
resource "aws_cloudformation_stack" "datadog_forwarder" {
name = "datadog-forwarder"
capabilities = ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"]
parameters = {
DdApiKey = "this_value_is_not_used"
DdApiKeySecretArn = "REPLACE ME WITH THE SECRETS ARN"
FunctionName = "datadog-forwarder"
DdSite = "us5.datadoghq.com"
}
template_url = "https://datadog-cloudformation-template.s3.amazonaws.com/aws/forwarder/latest.yaml"
}
I thought that the API Key was probably not set correctly, so I did a lot of research and it took me a long time.
If you are having trouble with similar events, please check your “DdSite” settings once again.
Those who are using Datadog on a trial basis may want to be careful.
That is all.