Build the 1 Minute QuickstartGet the Latest ReleaseSee the CHANGELOGCreate a Feature Request / Bug ReportJoin the Conversation
HomeGuidesRecipes
Build the 1 Minute QuickstartGet the Latest ReleaseSee the CHANGELOGCreate a Feature Request / Bug ReportJoin the Conversation
Guides

Performance Monitoring with X-Ray

Suggest Edits

Substation dynamically enables X-Ray for performance monitoring if an AWS_XRAY_DAEMON_ADDRESS environment variable is found.

If the AWS account's X-Ray data is not encrypted, then use this pattern to encrypt it. The ARN produced by xray_key (or the ARN of a previously created encryption key) must be added as a kms_read and kms_write resource on all Lambda IAM policies.

resource "aws_kms_key" "xray_key" {
  description         = "KMS used for server-side encryption of X-Ray data"
  enable_key_rotation = true
}

resource "aws_kms_alias" "xray_key_alias" {
  name          = "alias/xray"
  target_key_id = aws_kms_key.xray_key.key_id
}

# Applying this configuration can take several minutes
resource "aws_xray_encryption_config" "xray_encryption_config" {
  type   = "KMS"
  key_id = aws_kms_key.xray_key.arn
}

Updated over 1 year ago