Resource Changes is not supported for your selected
Datadog site (
).
Join the Preview!
Resource Changes is in Preview. Click Request Access and complete the form to request access.
Request AccessOverview
Resource Changes provides visibility and control over configuration changes to your cloud infrastructure. It helps you monitor modifications to resources, aiding in troubleshooting incidents and understanding the evolution of your environment.
Resource Changes supports a variety of resources, including:
- Hosts
- Containers
- Serverless Functions
- Databases
- Queues
- Storage
- Networking
- Monitoring
- Identity
- Data Processing
For a comprehensive list of supported resources, see the Supported resources section.
Setup
To view configuration changes for your resources:
- Enable Resource Collection: Ensure that resource collection is enabled for your cloud resources so they are visible within the Resource Catalog. You can manage this setting from the Resource Catalog settings page or the relevant cloud provider integration tile. This step automatically enables Snapshot Changes for your resources.
- Cloud Provider Event Forwarding: For real-time or more frequent change updates, configure event forwarding from your cloud provider:
If you enable only Resource Collection without setting up cloud provider event forwarding, Datadog identifies configuration changes using Snapshot Changes.
Snapshot Changes
Snapshot Changes represent configuration and relationship updates that Datadog detects by comparing snapshots of your cloud resources, taken approximately every 5-15 minutes.
To view Snapshot Changes, toggle Snapshot Changes on Infrastructure > Resources > Resource Changes.
Key characteristics of Snapshot Changes:
- No Additional Setup: Requires no extra configuration beyond enabling resource collection.
- Reflects Net Changes: Since changes come from snapshots (5-15 minutes apart), they show the net difference, omitting intermediate states.
- Retention: Datadog Snapshot Changes are retained for one week.
- Cost: Generating Snapshot Changes does not incur additional event charges.
Navigating and viewing Resource Changes
You can access Resource Changes in the Datadog platform in the following ways:
- Main Navigation: Go to Infrastructure > Resources > Resource Changes.
- Within a Resource’s Side Panel:
- Open the side panel for a specific resource (for example, by clicking on a host in the Resource Catalog or a related host view).
- Scroll down to the Recent Changes section.
Querying Resource Changes
The Resource Changes view allows you to search and filter changes using various attributes.
Query Parameter | Description | Example |
---|
Change Type | Filter by the type of change (Update, Create, Delete). | latest_change_type:Update |
Resource Category | Query across cloud providers for a general category of resource. | resource_category:hosts (shows EC2, Azure VMs, GCP Compute instances, etc.) |
Resource Type | Query for specific resource types. | resource_type:aws_ec2_instance |
First-Class Attributes | Filter by attributes like Cloud Provider, Region, Environment, Account, etc. | cloud_provider:aws region:us-east-1 env:staging account_id:123456789012 |
Resource Name | Search for resources by their display name. | display_name:*bucket* |
Tags | Filter resources based on assigned tags. | tags:"application:frontend" "owner:team-alpha" |
Supported search query types
- Wildcard: Use asterisks
*
for partial matching (before and after the term). Example: service:*example*
- Union (OR): Use
OR
for multiple values (not available for resource types or categories). Example: service:(service_a OR service_b)
- Exclusion (Empty/Not Empty): Use
-
prefix to exclude. Example: -service:*
(shows resources where the service tag is not set).
Troubleshooting with Resource Changes
During an incident, the most critical question is often “What changed?”. Resource Changes helps you answer this.
When a monitor alerts, you are linked directly to the Resource Changes page. This page is pre-filtered with important context from the alert, such as the relevant time frame and any associated tags (like service
, env
, or team
).
Use this centralized page to:
- Identify risky changes: Scan the list of modifications that occurred during the incident window for the impacted service, environment, and related shared infrastructure.
- Investigate the details: Select any suspicious change to view a side-by-side configuration diff and related logs (such as AWS CloudTrail) that help identify who made the change and why.
Supported resources
Resource Changes supports a wide array of resources across AWS, Azure, and Google Cloud Platform.
Azure resource types:
virtual machine instance
aks cluster
app service plan
/ app service
function app
managed disk
mysql server
policy assignment
postgresql server
sql server
sql server database
storage account
storage blob container
activity log alert
automation account
container apps
container registry
diagnostic setting
key vault key
key vault secret
key vault
load balancer probe
log analytics storage insight
log analytics workspace
network interface
network public ip address
network subnet
network vnet peering
network vnet
network watcher
postgresql firewall rule
role assignment
role definition
security center auto provisioning
security contact
security group
sql firewall rule
subscription
Google Cloud Platform resource types:
bigquery table
cloudfunctions function
compute disk
sql database instance
storage bucket
compute instance
bigquery dataset
compute external vpn gateway
compute firewall
compute network
compute project metadata
compute route
compute router
compute ssl policy
compute subnetwork
compute target http proxy
compute target https proxy
compute target ssl proxy
compute target vpn gateway
compute vpn gateway
compute vpn tunnel
dataproc cluster
dns managed zone
dns policy
folder
iam policy
iam service account key
iam service account
kms crypto key
logging log bucket
logging log metric
logging log sink
monitoring alert policy
organization
project
If you have a request for an additional resource type, contact Datadog Support.
Further reading
Additional helpful documentation, links, and articles: