DataDog · cswatt · Jul 24, 2025 · Jul 29, 2025 · Jul 30, 2025 · Jul 31, 2025
@@ -3218,8 +3218,8 @@ menu:
       parent: serverless
       identifier: serverless_aws_lambda
       weight: 1
-    - name: Installation
-      url: serverless/aws_lambda/installation
+    - name: Instrumentation
+      url: serverless/aws_lambda/instrumentation
       parent: serverless_aws_lambda
       identifier: serverless_aws_lambda_installation
       weight: 101

@@ -41,6 +41,8 @@ First, [install][1] Datadog Serverless Monitoring to begin collecting metrics, t
 - [Migrating between x86 to arm64 with the Datadog Lambda Extension](#migrating-between-x86-to-arm64-with-the-datadog-lambda-extension)
 - [Configure the Datadog Lambda extension for local testing](#configure-the-datadog-lambda-extension-for-local-testing)
 - [Instrument AWS Lambda with the OpenTelemetry API](#instrument-aws-lambda-with-the-opentelemetry-api)
+- [Using Datadog Lambda Extension v67+](#using-datadog-lambda-extension-v67)
+- [Configure Auto-linking for DynamoDB PutItem](#configure-auto-linking-for-dynamodb-putitem)
 - [Troubleshoot](#troubleshoot)
 - [Further Reading](#further-reading)
 
@@ -272,8 +274,7 @@ DD_APM_REPLACE_TAGS=[
       }
 ]
 ```
-
-
+To collect payloads from AWS services, see [Capture Requests and Responses from AWS Services][54].
 
 ## Collect traces from non-Lambda resources
 
@@ -722,6 +723,55 @@ You can use this approach if, for example, your code has already been instrument
 
 To instrument AWS Lambda with the OpenTelemetry API, set the environment variable `DD_TRACE_OTEL_ENABLED` to `true`. See [Custom instrumentation with the OpenTelemetry API][48] for more details.
 
+## Using Datadog Lambda Extension v67+
+
+Version 67+ of [the Datadog Extension][50] is optimized to significantly reduce cold start duration.
+
+To use the optimized extension, set the `DD_SERVERLESS_APPSEC_ENABLED` environment variable to `false`.
+
+When the `DD_SERVERLESS_APPSEC_ENABLED` environment variable is set to `true`, the Datadog Extension defaults to the fully compatible older version. You can also force your extension to use the older version by setting `DD_EXTENSION_VERSION` to `compatibility`. Datadog encourages you to report any feedback or bugs by adding an [issue on GitHub][51] and tagging your issue with `version/next`.
+
+## Configure Auto-linking for DynamoDB PutItem
+_Available for Python and Node.js runtimes_.
+
+When segments of your asynchronous requests cannot propagate trace context, Datadog's [Span Auto-linking][52] feature automatically detects linked spans. 
+
+To enable Span Auto-linking for [DynamoDB Change Streams][53]'s `PutItem` operation, configure primary key names for your tables.
+
+{{< tabs >}}
+{{% tab "Python" %}}
+```python
+ddtrace.config.botocore['dynamodb_primary_key_names_for_tables'] = {
+    'table_name': {'key1', 'key2'},
+    'other_table': {'other_key'},
+}
+```
+{{% /tab %}}
+{{% tab "Node.js" %}}
+```js
+// Initialize the tracer with the configuration
+const tracer = require('dd-trace').init({
+  dynamoDb: {
+    tablePrimaryKeys: {
+      'table_name': ['key1', 'key2'],
+      'other_table': ['other_key']
+    }
+  }
+})
+```
+{{% /tab %}}
+{{% tab "Environment variable" %}}
+```sh
+export DD_BOTOCORE_DYNAMODB_TABLE_PRIMARY_KEYS='{
+    "table_name": ["key1", "key2"],
+    "other_table": ["other_key"]
+}'
+```
+{{% /tab %}}
+{{< /tabs >}}
+
+This enables DynamoDB `PutItem` calls to be instrumented with span pointers. Many DynamoDB API calls do not include the item's primary key fields as separate values, so they need to be provided to the tracer separately. This field is structured as a `dict` keyed by the table names as `str`. Each value is the set of primary key field names (as str) for the associated table. The set can have exactly one or two elements, depending on the table's primary key schema.
+
 ## Troubleshoot
 
 If you have trouble configuring your installations, set the environment variable `DD_LOG_LEVEL` to `debug` for debugging logs. For additional troubleshooting tips, see the [serverless monitoring troubleshooting guide][39].
@@ -780,4 +830,8 @@ If you have trouble configuring your installations, set the environment variable
 [47]: /logs/
 [48]: /tracing/trace_collection/otel_instrumentation/
 [49]: https://app.datadoghq.com/security/appsec?column=time&order=desc
-
+[50]: https://github.com/DataDog/datadog-lambda-extension
+[51]: https://github.com/DataDog/datadog-lambda-extension/issues
+[52]: /serverless/aws_lambda/distributed_tracing/#span-auto-linking
+[53]: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.html
+[54]: /tracing/guide/aws_payload_tagging/?code-lang=python&tab=nodejs
@@ -0,0 +1,55 @@
+---
+title: Instrument AWS Lambda applications
+aliases:
+    - /serverless/installation/installing_the_library/
+    - /serverless/installation
+    - /serverless/aws_lambda/installation
+further_reading:
+    - link: '/serverless/configuration/'
+      tag: 'Documentation'
+      text: 'Configure Serverless Monitoring'
+    - link: "/integrations/amazon_lambda/"
+      tag: "Documentation"
+      text: "AWS Lambda Integration"
+---
+
+## Overview
+
+Instrument your AWS Lambda applications with a Datadog Lambda Library to collect traces, enhanced metrics, and custom metrics.
+
+{{< img src="serverless/serverless_tracing_installation_instructions.png" alt="A diagram that shows how Datadog receives telemetry from your instrumented AWS Lambda application. Your Lambda application, instrumented with a Datadog Lambda Library, sends logs, traces, enhanced metrics, and custom metrics to the Datadog Lambda Extension, which then pushes this data to Datadog." style="width:100%;" >}}
+
+## Quick start
+
+A sample application is [available on GitHub][6] with instructions on how to deploy with multiple runtimes and infrastructure-as-code tools.
+
+The quick start process configures your Lambda functions on the fly. To instrument Lambda functions permanently, see the detailed instructions in the next section.
+
+## Instrumentation instructions
+
+For Node.js and Python runtimes, you can use [remote instrumentation][5] to add instrumentation to your AWS Lambda functions and keep them instrumented securely. See [Remote instrumentation for AWS Lambda][5].
+
+For other Lambda runtimes (or to instrument your Node.js or Python functions without remote instrumentation) see detailed instrumentation instructions:
+
+{{< partial name="serverless/getting-started-languages.html" >}}
+
+## Advanced configurations
+
+After you're done with instrumentation and you've set up telemetry collection, you can use [advanced configurations][3] to:
+
+- connect your metrics, traces, and logs using tags
+- collect telemetry from AWS resources such as API Gateway, AppSync, and Step Functions
+- capture the request and response payloads for individual Lambda invocations
+- link errors of your Lambda functions to your source code
+- filter or scrub sensitive information from logs or traces
+
+## Further Reading
+
+{{< partial name="whats-next/whats-next.html" >}}
+
+[1]: https://app.datadoghq.com/signup/
+[2]: https://app.datadoghq.com/signup/agent#lambda
+[3]: /serverless/configuration/
+[4]: /serverless/aws_lambda/fips-compliance/
+[5]: /serverless/aws_lambda/remote_instrumentation
+[6]: https://github.com/DataDog/serverless-sample-app
@@ -2,6 +2,7 @@
 title: Instrumenting .NET Serverless Applications
 aliases:
     - /serverless/installation/dotnet
+    - /serverless/aws_lambda/instrumentation/dotnet
 further_reading:
     - link: '/serverless/configuration'
       tag: 'Documentation'
@@ -14,17 +15,11 @@ further_reading:
       text: 'Submitting Custom Metrics from Serverless Applications'
 ---
 
-<div class="alert alert-warning">If your Lambda functions are deployed in VPC without access to the public internet, you can send data either <a href="/agent/guide/private-link/">using AWS PrivateLink</a> for the <code>datadoghq.com</code> <a href="/getting_started/site/">Datadog site</a>, or <a href="/agent/configuration/proxy/">using a proxy</a> for all other sites.</div>
+<div class="alert alert-info">Version 67+ of the Datadog Lambda Extension uses an optimized version of the extension. <a href="/serverless/aws_lambda/configuration/?tab=datadogcli#using-datadog-lambda-extension-v67">Read more</a>.</div>
 
-<div class="alert alert-info">Version 67+ of the Datadog Lambda Extension uses an optimized version of the extension. <a href="#minimize-cold-start-duration">Read more</a>.</div>
+## Setup
 
-<div class="alert alert-info">For FIPS compliance, use the Datadog FIPS-compliant extension layer, but note that the .NET runtime layer does not require additional configuration. While the FIPS-compliant Lambda components work with any Datadog site, end-to-end FIPS compliance requires using the US1-FED site. See <a href="/serverless/aws_lambda/fips-compliance">AWS Lambda FIPS Compliance</a> for more details.</div>
-
-## Installation
-
-<div class="alert alert-info">A sample application is <a href="https://github.com/DataDog/serverless-sample-app/tree/main/src/order-service">available on GitHub</a> with instructions on how to deploy with multiple runtimes and infrastructure as code tools.</div>
-
-Datadog offers many different ways to enable instrumentation for your serverless applications. Choose a method below that best suits your needs. Datadog generally recommends using the Datadog CLI. You *must* follow the instructions for "Container Image" if your application is deployed as a container image.
+If your application is deployed as a container image, use the _Container Image_ method.
 
 {{< tabs >}}
 {{% tab "Datadog CLI" %}}
@@ -304,40 +299,30 @@ module "lambda-datadog" {
 {{% /tab %}}
 {{< /tabs >}}
 
-## Minimize cold start duration
-Version 67+ of [the Datadog Extension][7] is optimized to significantly reduce cold start duration.
-
-To use the optimized extension, disable App and API Protection (AAP), Continuous Profiler for Lambda, and OpenTelemetry based tracing. Set the following environment variables to `false`:
-
-- `DD_TRACE_OTEL_ENABLED`
-- `DD_PROFILING_ENABLED`
-- `DD_SERVERLESS_APPSEC_ENABLED`
-
-Enabling any of these features cause the extension to default back to the fully compatible older version of the extension. You can also force your extension to use the older version by setting `DD_EXTENSION_VERSION` to `compatibility`. Datadog encourages you to report any feedback or bugs by adding an [issue on GitHub][8] and tagging your issue with `version/next`.
+## Add custom spans
 
-## Adding Custom Spans
-
-When using the [Datadog Lambda tracing layer for .NET](https://github.com/DataDog/dd-trace-dotnet-aws-lambda-layer), ensure that a second version of the .NET tracer is not also packaged with your application code. Add `ExcludeAssets` instruction to ensure this extra tracer is excluded.
+When using the [Datadog Lambda tracing layer for .NET][9], ensure that a second version of the .NET tracer is not also packaged with your application code. Add `ExcludeAssets` instruction to ensure this extra tracer is excluded.
 
 ```xml
 <PackageReference Include="Datadog.Trace" Version="2.38.0">
     <ExcludeAssets>runtime</ExcludeAssets>
 </PackageReference>
 ```
 
-You are now ready to add custom spans and span tags using the .NET tracer. For further instructions on how to add spans, see the [.NET custom instrumentation](https://docs.datadoghq.com/tracing/trace_collection/custom_instrumentation/dotnet/dd-api/) page.
+You can then add custom spans and span tags using the .NET tracer. For instructions on how to add spans, see [.NET custom instrumentation][10].
+
+## FIPS compliance
+
+{{% svl-lambda-fips %}}
+
+## AWS Lambda and VPC
+
+{{% svl-lambda-vpc %}}
 
-## What's next?
-- View metrics, logs, and traces on the [Serverless page][1] in Datadog. By default, the Datadog Lambda extension enables logs.
-- Turn on [threat monitoring][6] to get alerted on attackers targeting your service.
-- Submit a [custom metric][2] or [APM span][3] to monitor your business logic.
-- See the [troubleshooting guide][4] if you have trouble collecting the telemetry
-- See the [advanced configurations][5] to
-    - connect your telemetry using tags
-    - collect telemetry for Amazon API Gateway, SQS, and so on.
-    - capture the Lambda request and response payloads
-    - link errors of your Lambda functions to your source code
-    - filter or scrub sensitive information from logs or traces
+- Add custom tags to your telemetry by using the `DD_TAGS` environment variable
+- Configure [payload collection][11] to capture your functions' JSON request and response payloads
+- If you are using the Datadog Lambda Extension, turn off the Datadog Forwarder's Lambda logs
+- See [advanced configurations][5] for further capabilities
 
 ## Further Reading
 
@@ -352,3 +337,6 @@ You are now ready to add custom spans and span tags using the .NET tracer. For f
 [6]: /security/application_security/serverless/
 [7]: https://github.com/DataDog/datadog-lambda-extension
 [8]: https://github.com/DataDog/datadog-lambda-extension/issues
+[9]: https://github.com/DataDog/dd-trace-dotnet-aws-lambda-layer
+[10]: https://docs.datadoghq.com/tracing/trace_collection/custom_instrumentation/dotnet/dd-api/
+[11]: /serverless/aws_lambda/configuration?tab=datadogcli#collect-the-request-and-response-payloads