AWS Verified Access

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Overview

With AWS Verified Access, you can provide secure access to your corporate applications without requiring the use of a virtual private network (VPN). Verified Access evaluates each application request and helps ensure that users can access each application only when they meet the specified security requirements.

Setup

Installation

If you haven’t already, set up the Amazon Web Services integration first.

Log collection

Enable Verified Access logs

  1. Open the Amazon VPC console
  2. In the navigation pane, choose Verified Access instances.
  3. Select the Verified Acccess instance.
  4. On the Verified Access instance logging configuration tab, choose Modify Verified Access instance logging configuration
  5. Turn on Deliver to Amazon Cloudwatch Logs. Choose the destination log group.

Note: Include the string verified-access in the log group name to enable automatic log parsing.

For more information, see Enable Verified Access logs.

Send logs to Datadog

Note: If you are using Datadog’s Amazon Security Lake integration, you can send Verified Access logs through that integration instead of following the steps below.

  1. If you haven’t already, set up the Datadog Forwarder Lambda function in your AWS account.
  2. Once set up, go to the Datadog Forwarder Lambda function. In the Function Overview section, click Add Trigger.
  3. Select the CloudWatch Logs trigger for the Trigger Configuration.
  4. Select the log group that contains your Verified Access logs.
  5. Add a Filter Name.
  6. Click Add to add the trigger to your Lambda.

Go to the Log Explorer to start exploring your logs.

For more information on collecting AWS Services logs, see Send AWS Services Logs with the Datadog Lambda function.

Data collected

Metrics

The AWS Verified Access integration does not include any metric collection.

Events

The AWS Verified Access integration does not include any events.

Logs

The AWS Verified Access integration includes Verified Access logs.

Service Checks

The AWS Verified Access integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.

Further reading

PREVIEWING: safchain/fix-custom-agent