> ## Documentation Index > Fetch the complete documentation index at: https://docs.bronto.io/llms.txt > Use this file to discover all available pages before exploring further. # Ingesting AWS Data into Bronto > An overview of the available methods for sending AWS log, trace, and metric data to Bronto, with guidance on choosing the right approach. ## Overview Bronto supports several methods for ingesting data from AWS environments. The right choice depends on where your logs originate, whether you need trace data, your infrastructure preferences, and cost constraints. *** ## Service-to-Method Mapping Different AWS services suit different ingestion methods. The recommended method is the simplest path that gets the data into Bronto; alternatives may be preferable depending on your existing infrastructure or cost constraints. Each service name in the table below links to a per-source landing page with a short summary of what the service emits and the configuration entry points for that data. Where the OpenTelemetry SDK supports your runtime, prefer OTel-based instrumentation — it sends logs and traces through one pipeline, gives you consistent `service.name` / `service.namespace` routing, and avoids CloudWatch ingestion fees. The [ADOT Lambda Layer](./aws-adot-lambda) covers Lambda; [ADOT](./aws-adot) or a [Self-Managed OTel Collector](./aws-custom-otel) cover ECS, EKS, and EC2 workloads. | AWS Service | Recommended Method | Alternatives | | -------------------------------------------------------- | ---------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | [AWS Lambda](./aws-lambda) (logs + traces) | [ADOT Lambda Layer](./aws-adot-lambda) (OTel-supported runtimes) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) (for stdout/stderr capture or unsupported runtimes) | | [Amazon ECS / Fargate](./aws-ecs) | [ADOT](./aws-adot) (OTel) | [ECS FireLens](./aws-firelens), [CloudWatch Log Forwarder](./aws-client-cloudwatch) | | [Amazon EKS](./aws-eks) | [ADOT](./aws-adot) (OTel) | [Fluent Bit on EKS](./aws-fluent-bit-eks), [Self-Managed OTel Collector](./aws-custom-otel), [CloudWatch Log Forwarder](./aws-client-cloudwatch) (control plane logs) | | [Amazon RDS / Aurora (PostgreSQL)](./aws-rds-postgresql) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | [Kinesis Firehose](./aws-firehose) (high-volume) | | [Amazon RDS / Aurora (MySQL)](./aws-rds-mysql) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | [Kinesis Firehose](./aws-firehose) (high-volume) | | [AWS CloudTrail](./aws-cloudtrail) | [EventBridge API Destinations](./aws-eventbridge) | [S3 Log Forwarder](./aws-client-s3), [Kinesis Firehose](./aws-firehose) (high-volume) | | [Amazon API Gateway](./aws-api-gateway) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | [Kinesis Firehose](./aws-firehose) (high-volume access logs) | | [ALB / NLB access logs](./aws-alb) | [S3 Log Forwarder](./aws-client-s3) | — | | [VPC Flow Logs](./aws-vpc-flow-logs) | [S3 Log Forwarder](./aws-client-s3) | [CloudWatch Log Forwarder](./aws-client-cloudwatch), [Kinesis Firehose](./aws-firehose) (custom parser required) | | [AWS WAF](./aws-waf) | [S3 Log Forwarder](./aws-client-s3) | [Kinesis Firehose](./aws-firehose) (native JSON), [CloudWatch Log Forwarder](./aws-client-cloudwatch) | | [Amazon DynamoDB](./aws-dynamodb) | [EventBridge API Destinations](./aws-eventbridge) (via CloudTrail) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | | [Amazon ElastiCache](./aws-elasticache) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | [Kinesis Firehose](./aws-firehose) (high-volume) | | [Amazon CloudFront](./aws-cloudfront) (real-time logs) | [Kinesis Firehose](./aws-firehose) | [S3 Log Forwarder](./aws-client-s3) (standard logs) | | [Amazon Route 53](./aws-route53) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) (public zone query logs) | [Kinesis Firehose](./aws-firehose) (Resolver query logs, JSON), [S3 Log Forwarder](./aws-client-s3) (Resolver query logs) | | [AWS GuardDuty](./aws-guardduty) | [EventBridge API Destinations](./aws-eventbridge) | [S3 Log Forwarder](./aws-client-s3) | | [Amazon SES](./aws-ses) | [Kinesis Firehose](./aws-firehose) (full event bodies) | — | | [AWS Step Functions](./aws-step-functions) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | [EventBridge API Destinations](./aws-eventbridge) | | [Amazon Cognito](./aws-cognito) | [CloudWatch Log Forwarder](./aws-client-cloudwatch) | — | *** ## Ingestion Methods Bronto supports the following AWS ingestion methods: * [S3 Log Forwarder](./aws-client-s3) — Lambda subscribes to S3 events and forwards new log objects. * [CloudWatch Log Forwarder](./aws-client-cloudwatch) — Lambda subscribes to CloudWatch log groups and streams events. * [ECS FireLens](./aws-firelens) — Fluent Bit sidecar in your ECS task definitions; no Lambda required. * [Fluent Bit on EKS](./aws-fluent-bit-eks) — Fluent Bit DaemonSet that collects container logs from every EKS node. * [ADOT — ECS / EKS](./aws-adot) — AWS-managed OpenTelemetry Collector distribution for ECS and EKS workloads. * [ADOT Lambda Layer](./aws-adot-lambda) — OpenTelemetry instrumentation layer for AWS Lambda functions. * [Self-Managed OTel Collector](./aws-custom-otel) — Your own OpenTelemetry Collector deployment for full control. * [EventBridge API Destinations](./aws-eventbridge) — Native EventBridge rule that POSTs events directly to Bronto. * [AWS Kinesis Firehose](./aws-firehose) — Direct delivery from a Kinesis Firehose stream. *** ## AWS VPC Private Link Bronto can be connected via an AWS VPC Private Link, keeping all traffic within the AWS network and avoiding public internet egress. This is available on request — contact [support@bronto.io](mailto:support@bronto.io) to set this up.