Skip to content

CloudWatch Logs

This article describes how to create CloudWatch resources for use with Matillion's CDC agent.

The Matillion CDC agent requires knowledge and access to a CloudWatch group for logging purposes. This can be automatically created and configured as part of some templates (for example, the Advanced AWS CloudFormation template) but otherwise falls upon the user to create themselves.

It may be possible to use existing CloudWatch groups for your CDC agent but we highly recommend creating new resources for CDC.

Creating Log Groups

  1. Log in to your AWS account. It is highly recommended that your CloudWatch groups exist in the same account as your CDC agent
  2. Browse to the CloudWatch service
  3. Click Logs and then Log groups on the navigation pane
  4. Click Create log group
  5. Enter a name into the Log group name field. Take note of this as it will be required during your agent installation.
  6. Click Create

:::info{title='Note'} - If you are not using an Advanced Template and wish to limit access to this resource, take note of the ARN. - By default, we do not recommend limiting access and provided policies do not specific per-resource access for log groups. :::


Your CDC agent will require the following CloudWatch logging permissions:

  • logs:CreateLogStream
  • logs:PutLogEvents

For more information on permissions, see the article on IAM Roles.