I am trying to ingest events from the the Events Reporting API into our SIEM (Datadog), which isn't a supported integration yet. My environment is in AWS (which I am an absolute beginner on), and the main problem I'm having is: How do I monitor the 1Password Events API endpoint in AWS, so that I can forward those events to a 3rd party?
My first thought was to create a scheduled lambda that does a REST API call to fetch events and dump them into an S3 bucket. Datadog has a pre-built AWS log forwarder which can trigger on any changes made to an S3 bucket, so that sounds like it will work.
However, after some more searching I discovered the AWS EventBridge feature, which is 90% of what I want to do, except it still can't listen to a 3rd party API endpoint to trigger events. AWS makes it fairly straightforward to become an EventBridge partner app though, which would eliminate most of the duct-tape-and-glue that I would need to deploy to do this. As far as feature requests go, this is a much lighter lift than asking for a full integration with Datadog, and I have already met with a 1Password solutions architect to make my case for this.
There are no other posts specifically about this, so I'm hoping it will spark a conversation and provide a gauge on how much general interest there is for getting 1Password events into AWS.
1Password Version: 8.9.13
Extension Version: 2.5.1
OS Version: Not Provided
Referrer: forum-search:Events API