I'm building a SaaS that will provide a log file for an auth'd user to see what kind of actions have taken place on their account and I'm wondering if anyone has experience doing this. We're looking to deploy in AWS so I was thinking CloudWatch but I want to make sure that that is going to be secure enough to handle a multi-tenancy application where the log will contain potentially sensitive information (like customer emails and such) for each organization that uses the app. Ideally the experience a user receives is something like what Stripe does where it shows you the request status and parameters as well as the response that was sent.
Anyone know how to do this in CloudWatch (or what I should even start searching to find docs on this) or alternative products to send me in the right direction or am I better off spinning up a dynamo instance and doing it that way?
@kylemilloy Stripe is able to offer logging because literally every interaction with them is an API call, so all they need to do is store the request and response for every API call. Stripe calls them “events”, all events are associated with an account, and they will be stored in a database (although the scale Stripe is at, those databases will be snarfed and clustered to scale horizontally).
You could use CloudWatch but it doesn’t feel the right solution to me. Especially if you’re going to want to be querying these logs. And any solution is going to be as secure as you make it. Using CloudWatch isn’t going to automatically make you “secure” by the mere virtue of using CloudWatch. It’s still entirely possible for you to accidentally expose one tenant’s logs to another if you form a query incorrectly or have some other application vulnerability.
Damn...figured the most straightforward way would be "database" but was hoping there was another service out there I could leverage so I could focus on writing code instead of having to worry about provisioning elastisearch or dynamo for this.
Using CloudWatch isn’t going to automatically make you “secure” by the mere virtue of using CloudWatch.
I'm aware :). I just haven't used CloudWatch through the AWS SDK or anywhere outside of the AWS console so I'm not even sure if it is capable of scoping to a given owner without having an associated AWS key/secret pair. I figured it should (or I can attach a key/val pair that I can leverage) but just haven't used it in that way before.
So what I'm hearing is, "high-level of effort; put it in the backlog"...works for me.
