CloudWatch in Hoop simplifies AWS log analysis by providing direct access to log groups with automatic environment variable setup and an optimized interface for log exploration.
hoop connect <connection-name>
.Feature | Native | One Off | Description |
---|---|---|---|
TLS Termination Proxy | The local proxy terminates the connection with TLS, enabling the connection with the remote server to be TLS encrypted. | ||
Audit | The gateway stores and audits the queries being issued by the client | ||
Data Masking (Google DLP) | A policy can be enabled to mask sensitive fields dynamically when performing queries in the logs. | ||
Data Masking (MS Presidio DLP) | A policy can be enabled to mask sensitive fields dynamically when performing queries in the logs. | ||
Credentials Offload | The user authenticates via SSO instead of using the service credentials. | ||
Interactive Access | Interactive access is available when using an IDE or connecting via a terminal for log analysis exploration. |
Name | Type | Required | Description |
---|---|---|---|
AWS_ACCESS_KEY_ID | env-var | yes | The AWS access key ID for CloudWatch Logs access |
AWS_SECRET_ACCESS_KEY | env-var | yes | The AWS secret access key for CloudWatch Logs access |
AWS_REGION | env-var | yes | The AWS region where your CloudWatch log groups are located (e.g., us-east-1 , eu-west-1 ) |
logs:DescribeLogGroups
logs:FilterLogEvents
logs:GetLogEvents
--type custom/cloudwatch
allows displaying the introspection schema in the web interface.
LOG_GROUP_NAME
environment variable, allowing you to use it in your scripts.
The example above shows the variable being used in a script to filter events from the /aws/lambda/my-function
log group.