An AWS lambda function to upload RDS logs to S3.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.env.example
.gitignore
LICENSE
README.md
context.json
event.json.example
index.js
package-lock.json
package.json
rds-policy.json.example
s3-policy.json.example
target-json-template.sh

README.md

lambda-rds-logs-uploader

Upload RDS logs to S3.

Usage

Install Node Modules

npm install

Create IAM Policies

cp s3-policy.json.example s3-policy.json
cp rds-policy.json.example rds-policy.json

s3_policy_arn=$(
  aws iam create-policy \
    --policy-name AmazonS3LogsWriteAccess \
    --policy-document file://s3-policy.json \
    | jq -r ".Policy.Arn"
)

rds_policy_arn=$(
  aws iam create-policy \
    --policy-name AmazonRDSLogsAccess \
    --policy-document file://rds-policy.json \
    | jq -r ".Policy.Arn"
)

Create IAM Role for Lambda Function

role_arn=$(
  aws iam create-role \
    --role-name lambda_rds_logs_uploader \
    --assume-role-policy-document file://assume-policy-document.json \
    | jq -r ".Role.Arn"
)
aws iam attach-role-policy \
  --role-name lambda_rds_logs_uploader \
  --policy-arn ${s3_policy_arn}
aws iam attach-role-policy \
  --role-name lambda_rds_logs_uploader \
  --policy-arn ${rds_policy_arn}

Deploy Lambda Function

region=ap-northeast-1
func_arn=$(
  node_modules/.bin/node-lambda deploy \
    --environment production \
    --region ${region} \
    --functionName rds-logs-uploader \
    --role ${role_arn} \
    --timeout 300 \
    --description "Created by https://github.com/Wondershake/lambda-rds-logs-uploader" \
    --excludeGlobs ".* *.example *.md *.json *.sh LICENSE" \
    | grep FunctionArn \
    | sed -E "s/^[^']+'(.+)'.*/\1/"
)

Create Scheduling Rule

rule_arn=$(
  aws events put-rule \
    --name lambda-rds-logs-uploader-rule \
    --schedule-expression 'rate(1 day)' \
    | jq -r ".RuleArn"
)

Add Lambda Permission to Scheduling Rule

aws lambda add-permission \
  --function-name rds-logs-uploader-production \
  --statement-id lambda-rds-logs-uploader \
  --action lambda:InvokeFunction \
  --principal events.amazonaws.com \
  --source-arn ${rule_arn}

Add Event Target

s3bucket=your-bucket
s3prefix=prefix/
instance=db-instance-name

aws events put-targets \
  --rule lambda-rds-logs-uploader-rule \
  --targets "$(. ./target-json-template.sh)"

Run Locally

Configure variables:

# Configure Environment Variables
cp .env.example .env
vi .env

# Configure Event JSON
cp event.json.example event.json
vi event.json

Execute function locally.

npm run local