[ASCII-2591] Migrate Agent IPC clients to check IPC cert

[misteriaud]

What does this PR do?

This PR enhances the two primary methods to access the Agent IPC Server by adding TLS certificate verification in:

• pkg/api/util
• pkg/util/grpc

It also updates the various locations where these IPC clients are used.

It follows the work done in these previous PRs:

• [ASCII-2582] Add certificate generation and retrieval for IPC communications #31838
• [ASCII-2584] Migrating CoreAgent to use IPC cert #31843
• [ASCII-2586] Migrating SecurityAgent to use IPC cert #31845
• [ASCII-2585] Migrating ProcessAgent to use IPC cert #31844
• [ASCII-2587] Migrating TraceAgent to use IPC cert #31847
• [ASCII-2585] Update processAgent to use HTTPS instead of HTTP for IPC #32361

Motivation

This PR is part of a plan to improve the security of the Agent's inter-process communication (IPC).

Describe how you validated your changes

Since the updated code is part of the backbone of the Agent IPC, a lot of test are indirectly covering the code modified in this PR.

[cit-pr-commenter]

Go Package Import Differences

Baseline: 274cdd8
Comparison: 5d31fc3

binary	os	arch	change
serverless	linux	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/api/authtoken +github.com/DataDog/datadog-agent/comp/api/authtoken/noneimpl
serverless	linux	arm64	+2, -0 +github.com/DataDog/datadog-agent/comp/api/authtoken +github.com/DataDog/datadog-agent/comp/api/authtoken/noneimpl
system-probe	linux	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/api/authtoken +github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl
system-probe	linux	arm64	+2, -0 +github.com/DataDog/datadog-agent/comp/api/authtoken +github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl
system-probe	windows	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/api/authtoken +github.com/DataDog/datadog-agent/comp/api/authtoken/fetchonlyimpl
trace-agent	linux	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl
trace-agent	linux	arm64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl
trace-agent	windows	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl
trace-agent	darwin	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl
trace-agent	darwin	arm64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl
heroku-trace-agent	linux	amd64	+2, -0 +github.com/DataDog/datadog-agent/comp/core/log/fx +github.com/DataDog/datadog-agent/comp/core/log/impl

[agent-platform-auto-pr]

Package size comparison

Comparison with ancestor c96e64710cdd2f6683e54fe07067b4273291eb98

Diff per package

package	diff	status	size	ancestor	threshold
datadog-agent-amd64-deb	0.09MB	⚠️	1266.08MB	1265.99MB	140.00MB
datadog-iot-agent-amd64-deb	0.00MB	✅	113.27MB	113.27MB	10.00MB
datadog-dogstatsd-amd64-deb	0.00MB	⚠️	78.50MB	78.50MB	10.00MB
datadog-heroku-agent-amd64-deb	0.06MB	⚠️	526.79MB	526.73MB	70.00MB
datadog-agent-x86_64-rpm	0.12MB	⚠️	1275.34MB	1275.22MB	140.00MB
datadog-agent-x86_64-suse	0.12MB	⚠️	1275.34MB	1275.22MB	140.00MB
datadog-iot-agent-x86_64-rpm	0.00MB	⚠️	113.34MB	113.34MB	10.00MB
datadog-iot-agent-x86_64-suse	0.00MB	⚠️	113.33MB	113.33MB	10.00MB
datadog-dogstatsd-x86_64-rpm	0.00MB	⚠️	78.58MB	78.58MB	10.00MB
datadog-dogstatsd-x86_64-suse	0.00MB	⚠️	78.58MB	78.58MB	10.00MB
datadog-agent-arm64-deb	0.07MB	⚠️	1001.06MB	1000.98MB	140.00MB
datadog-iot-agent-arm64-deb	-0.00MB	✅	108.74MB	108.75MB	10.00MB
datadog-dogstatsd-arm64-deb	-0.00MB	✅	55.73MB	55.73MB	10.00MB
datadog-agent-aarch64-rpm	0.10MB	⚠️	1010.30MB	1010.20MB	140.00MB
datadog-iot-agent-aarch64-rpm	-0.00MB	✅	108.81MB	108.82MB	10.00MB

Decision

⚠️ Warning

[agent-platform-auto-pr]

Test changes on VM

Use this command from test-infra-definitions to manually test this PR changes on a VM:

inv aws.create-vm --pipeline-id=52154296 --os-family=ubuntu

Note: This applies to commit 5d31fc3

[agent-platform-auto-pr]

Uncompressed package size comparison

Comparison with ancestor 274cdd873c71ba931b0bcd6f8dbada88048d7914

Diff per package

package	diff	status	size	ancestor	threshold
datadog-agent-x86_64-rpm	0.06MB	⚠️	1207.58MB	1207.53MB	140.00MB
datadog-agent-x86_64-suse	0.06MB	⚠️	1207.58MB	1207.53MB	140.00MB
datadog-agent-amd64-deb	0.06MB	⚠️	1198.27MB	1198.21MB	140.00MB
datadog-agent-aarch64-rpm	0.05MB	⚠️	949.90MB	949.85MB	140.00MB
datadog-agent-arm64-deb	0.05MB	⚠️	940.60MB	940.56MB	140.00MB
datadog-heroku-agent-amd64-deb	0.01MB	⚠️	506.13MB	506.12MB	70.00MB
datadog-dogstatsd-amd64-deb	0.01MB	⚠️	79.01MB	79.00MB	10.00MB
datadog-dogstatsd-x86_64-rpm	0.01MB	⚠️	79.09MB	79.08MB	10.00MB
datadog-dogstatsd-x86_64-suse	0.01MB	⚠️	79.09MB	79.08MB	10.00MB
datadog-iot-agent-x86_64-rpm	0.00MB	✅	113.85MB	113.85MB	10.00MB
datadog-iot-agent-x86_64-suse	0.00MB	✅	113.85MB	113.85MB	10.00MB
datadog-iot-agent-aarch64-rpm	0.00MB	✅	109.30MB	109.30MB	10.00MB
datadog-iot-agent-amd64-deb	0.00MB	✅	113.78MB	113.78MB	10.00MB
datadog-iot-agent-arm64-deb	0.00MB	✅	109.23MB	109.23MB	10.00MB
datadog-dogstatsd-arm64-deb	0.00MB	✅	56.11MB	56.11MB	10.00MB

Decision

⚠️ Warning

To fix the problem, we need to ensure that InsecureSkipVerify is not set to true in production code. Instead, we should use a proper TLS configuration that verifies the server's certificate. The best way to fix this is to remove the default setting of InsecureSkipVerify: true and rely on the tlsConfigGetter function to provide a valid TLS configuration.

1. Remove the line that sets InsecureSkipVerify: true.
2. Ensure that the tlsConfigGetter function provides a valid TLS configuration.

[cit-pr-commenter]

Regression Detector

Regression Detector Results

Metrics dashboard
Target profiles
Run ID: c2fd04f3-9af8-439c-b521-264b1e170176

Baseline: 274cdd8
Comparison: 5d31fc3
Diff

Optimization Goals: ✅ No significant changes detected

Fine details of change detection per experiment

perf	experiment	goal	Δ mean %	Δ mean % CI	trials	links
➖	tcp_syslog_to_blackhole	ingress throughput	+0.94	[+0.89, +1.00]	1	Logs
➖	quality_gate_idle_all_features	memory utilization	+0.27	[+0.19, +0.35]	1	Logs bounds checks dashboard
➖	file_tree	memory utilization	+0.16	[+0.03, +0.28]	1	Logs
➖	file_to_blackhole_1000ms_latency_linear_load	egress throughput	+0.15	[-0.31, +0.62]	1	Logs
➖	file_to_blackhole_500ms_latency	egress throughput	+0.15	[-0.63, +0.93]	1	Logs
➖	uds_dogstatsd_to_api_cpu	% cpu utilization	+0.08	[-0.60, +0.77]	1	Logs
➖	file_to_blackhole_0ms_latency_http1	egress throughput	+0.04	[-0.81, +0.89]	1	Logs
➖	file_to_blackhole_0ms_latency_http2	egress throughput	+0.02	[-0.77, +0.81]	1	Logs
➖	file_to_blackhole_300ms_latency	egress throughput	+0.01	[-0.64, +0.65]	1	Logs
➖	tcp_dd_logs_filter_exclude	ingress throughput	+0.00	[-0.01, +0.01]	1	Logs
➖	file_to_blackhole_100ms_latency	egress throughput	-0.01	[-0.79, +0.76]	1	Logs
➖	uds_dogstatsd_to_api	ingress throughput	-0.02	[-0.13, +0.10]	1	Logs
➖	file_to_blackhole_0ms_latency	egress throughput	-0.02	[-0.85, +0.80]	1	Logs
➖	file_to_blackhole_1000ms_latency	egress throughput	-0.07	[-0.85, +0.71]	1	Logs
➖	quality_gate_logs	% cpu utilization	-0.09	[-3.32, +3.15]	1	Logs
➖	quality_gate_idle	memory utilization	-0.56	[-0.60, -0.53]	1	Logs bounds checks dashboard

Bounds Checks: ❌ Failed

perf	experiment	bounds_check_name	replicates_passed	links
❌	file_to_blackhole_0ms_latency	lost_bytes	9/10
✅	file_to_blackhole_0ms_latency	memory_usage	10/10
✅	file_to_blackhole_0ms_latency_http1	lost_bytes	10/10
✅	file_to_blackhole_0ms_latency_http1	memory_usage	10/10
✅	file_to_blackhole_0ms_latency_http2	lost_bytes	10/10
✅	file_to_blackhole_0ms_latency_http2	memory_usage	10/10
✅	file_to_blackhole_1000ms_latency	memory_usage	10/10
✅	file_to_blackhole_1000ms_latency_linear_load	memory_usage	10/10
✅	file_to_blackhole_100ms_latency	lost_bytes	10/10
✅	file_to_blackhole_100ms_latency	memory_usage	10/10
✅	file_to_blackhole_300ms_latency	lost_bytes	10/10
✅	file_to_blackhole_300ms_latency	memory_usage	10/10
✅	file_to_blackhole_500ms_latency	lost_bytes	10/10
✅	file_to_blackhole_500ms_latency	memory_usage	10/10
✅	quality_gate_idle	memory_usage	10/10	bounds checks dashboard
✅	quality_gate_idle_all_features	memory_usage	10/10	bounds checks dashboard
✅	quality_gate_logs	lost_bytes	10/10
✅	quality_gate_logs	memory_usage	10/10

Explanation

Confidence level: 90.00%
Effect size tolerance: |Δ mean %| ≥ 5.00%

Performance changes are noted in the perf column of each table:

• ✅ = significantly better comparison variant performance
• ❌ = significantly worse comparison variant performance
• ➖ = no significant change in performance

A regression test is an A/B test of target performance in a repeatable rig, where "performance" is measured as "comparison variant minus baseline variant" for an optimization goal (e.g., ingress throughput). Due to intrinsic variability in measuring that goal, we can only estimate its mean value for each experiment; we report uncertainty in that value as a 90.00% confidence interval denoted "Δ mean % CI".

For each experiment, we decide whether a change in performance is a "regression" -- a change worth investigating further -- if all of the following criteria are true:

1. Its estimated |Δ mean %| ≥ 5.00%, indicating the change is big enough to merit a closer look.

2. Its 90.00% confidence interval "Δ mean % CI" does not contain zero, indicating that if our statistical model is accurate, there is at least a 90.00% chance there is a difference in performance between baseline and comparison variants.

3. Its configuration does not mark it "erratic".

CI Pass/Fail Decision

✅ Passed. All Quality Gates passed.

• quality_gate_idle, bounds check memory_usage: 10/10 replicas passed. Gate passed.
• quality_gate_logs, bounds check lost_bytes: 10/10 replicas passed. Gate passed.
• quality_gate_logs, bounds check memory_usage: 10/10 replicas passed. Gate passed.
• quality_gate_idle_all_features, bounds check memory_usage: 10/10 replicas passed. Gate passed.

[timothyalexandersoftware]

RC changes lgtm 👍

[songy23]

Approval for otel

[pgimalac]

LGTM !

[github-actions]

Serverless Benchmark Results

BenchmarkStartEndInvocation comparison between 274cdd8 and efd1a9d.

tl;dr

Use these benchmarks as an insight tool during development.

1. Skim down the vs base column in each chart. If there is a ~, then there was no statistically significant change to the benchmark. Otherwise, ensure the estimated percent change is either negative or very small.

2. The last row of each chart is the geomean. Ensure this percentage is either negative or very small.

What is this benchmarking?

The BenchmarkStartEndInvocation compares the amount of time it takes to call the start-invocation and end-invocation endpoints. For universal instrumentation languages (Dotnet, Golang, Java, Ruby), this represents the majority of the duration overhead added by our tracing layer.

The benchmark is run using a large variety of lambda request payloads. In the charts below, there is one row for each event payload type.

How do I interpret these charts?

The charts below comes from benchstat. They represent the statistical change in duration (sec/op), memory overhead (B/op), and allocations (allocs/op).

The benchstat docs explain how to interpret these charts.

Before the comparison table, we see common file-level configuration. If there are benchmarks with different configuration (for example, from different packages), benchstat will print separate tables for each configuration.

The table then compares the two input files for each benchmark. It shows the median and 95% confidence interval summaries for each benchmark before and after the change, and an A/B comparison under "vs base". ... The p-value measures how likely it is that any differences were due to random chance (i.e., noise). The "~" means benchstat did not detect a statistically significant difference between the two inputs. ...

Note that "statistically significant" is not the same as "large": with enough low-noise data, even very small changes can be distinguished from noise and considered statistically significant. It is, of course, generally easier to distinguish large changes from noise.

Finally, the last row of the table shows the geometric mean of each column, giving an overall picture of how the benchmarks changed. Proportional changes in the geomean reflect proportional changes in the benchmarks. For example, given n benchmarks, if sec/op for one of them increases by a factor of 2, then the sec/op geomean will increase by a factor of ⁿ√2.

I need more help

First off, do not worry if the benchmarks are failing. They are not tests. The intention is for them to be a tool for you to use during development.

If you would like a hand interpreting the results come chat with us in #serverless-agent in the internal DataDog slack or in #serverless in the public DataDog slack. We're happy to help!

Benchmark stats

goos: linux
goarch: amd64
pkg: github.com/DataDog/datadog-agent/pkg/serverless/daemon
cpu: AMD EPYC 7763 64-Core Processor                
                                      │ baseline/benchmark.log │       current/benchmark.log        │
                                      │         sec/op         │   sec/op     vs base               │
api-gateway-appsec.json                            85.60µ ± 2%   85.63µ ± 3%       ~ (p=0.631 n=10)
api-gateway-kong-appsec.json                       66.12µ ± 1%   65.56µ ± 1%  -0.84% (p=0.003 n=10)
api-gateway-kong.json                              63.24µ ± 1%   62.79µ ± 1%       ~ (p=0.353 n=10)
api-gateway-non-proxy-async.json                   99.88µ ± 1%   99.71µ ± 1%       ~ (p=0.190 n=10)
api-gateway-non-proxy.json                         98.61µ ± 1%   99.76µ ± 3%       ~ (p=0.052 n=10)
api-gateway-websocket-connect.json                 63.63µ ± 1%   64.50µ ± 4%  +1.37% (p=0.001 n=10)
api-gateway-websocket-default.json                 56.69µ ± 2%   57.76µ ± 2%  +1.88% (p=0.002 n=10)
api-gateway-websocket-disconnect.json              56.73µ ± 3%   57.94µ ± 2%  +2.13% (p=0.011 n=10)
api-gateway.json                                   106.2µ ± 2%   106.6µ ± 1%       ~ (p=0.393 n=10)
application-load-balancer.json                     57.62µ ± 3%   57.83µ ± 3%       ~ (p=0.644 n=10)
cloudfront.json                                    43.28µ ± 3%   42.00µ ± 2%  -2.97% (p=0.000 n=10)
cloudwatch-events.json                             35.96µ ± 3%   34.68µ ± 0%  -3.55% (p=0.000 n=10)
cloudwatch-logs.json                               60.71µ ± 3%   56.73µ ± 2%  -6.55% (p=0.000 n=10)
custom.json                                        30.76µ ± 2%   30.14µ ± 3%       ~ (p=0.143 n=10)
dynamodb.json                                      83.58µ ± 1%   82.99µ ± 1%       ~ (p=0.218 n=10)
empty.json                                         28.73µ ± 2%   28.44µ ± 3%       ~ (p=0.239 n=10)
eventbridge-custom.json                            45.55µ ± 1%   43.49µ ± 1%  -4.51% (p=0.000 n=10)
eventbridge-no-bus.json                            44.65µ ± 1%   42.62µ ± 1%  -4.55% (p=0.000 n=10)
eventbridge-no-timestamp.json                      43.84µ ± 1%   42.41µ ± 2%  -3.25% (p=0.001 n=10)
eventbridgesns.json                                57.73µ ± 1%   56.14µ ± 1%  -2.74% (p=0.000 n=10)
eventbridgesqs.json                                64.04µ ± 1%   63.39µ ± 2%  -1.02% (p=0.002 n=10)
http-api.json                                      64.74µ ± 1%   64.93µ ± 2%       ~ (p=0.912 n=10)
kinesis-batch.json                                 64.37µ ± 2%   63.13µ ± 1%  -1.93% (p=0.000 n=10)
kinesis.json                                       51.73µ ± 1%   51.37µ ± 2%       ~ (p=0.529 n=10)
s3.json                                            55.45µ ± 1%   55.34µ ± 3%       ~ (p=0.811 n=10)
sns-batch.json                                     82.19µ ± 2%   82.44µ ± 5%       ~ (p=0.912 n=10)
sns.json                                           61.99µ ± 1%   64.08µ ± 1%  +3.37% (p=0.001 n=10)
snssqs.json                                        103.1µ ± 2%   108.2µ ± 1%  +4.90% (p=0.000 n=10)
snssqs_no_dd_context.json                          94.88µ ± 2%   97.70µ ± 1%  +2.97% (p=0.002 n=10)
sqs-aws-header.json                                52.17µ ± 2%   54.32µ ± 1%  +4.10% (p=0.000 n=10)
sqs-batch.json                                     83.81µ ± 1%   87.73µ ± 1%  +4.67% (p=0.000 n=10)
sqs.json                                           62.43µ ± 1%   63.67µ ± 3%       ~ (p=0.565 n=10)
sqs_no_dd_context.json                             57.13µ ± 1%   56.65µ ± 1%  -0.83% (p=0.046 n=10)
stepfunction.json                                  40.20µ ± 1%   39.85µ ± 1%       ~ (p=0.089 n=10)
geomean                                            60.50µ        60.31µ       -0.31%

                                      │ baseline/benchmark.log │        current/benchmark.log        │
                                      │          B/op          │     B/op      vs base               │
api-gateway-appsec.json                           37.21Ki ± 0%   37.28Ki ± 0%  +0.17% (p=0.000 n=10)
api-gateway-kong-appsec.json                      26.86Ki ± 0%   26.85Ki ± 0%       ~ (p=0.563 n=10)
api-gateway-kong.json                             24.32Ki ± 0%   24.32Ki ± 0%       ~ (p=0.085 n=10)
api-gateway-non-proxy-async.json                  47.89Ki ± 0%   47.94Ki ± 0%  +0.11% (p=0.000 n=10)
api-gateway-non-proxy.json                        47.07Ki ± 0%   47.12Ki ± 0%  +0.12% (p=0.000 n=10)
api-gateway-websocket-connect.json                25.29Ki ± 0%   25.32Ki ± 0%  +0.13% (p=0.000 n=10)
api-gateway-websocket-default.json                21.18Ki ± 0%   21.21Ki ± 0%  +0.15% (p=0.000 n=10)
api-gateway-websocket-disconnect.json             20.94Ki ± 0%   20.97Ki ± 0%  +0.15% (p=0.000 n=10)
api-gateway.json                                  49.21Ki ± 0%   49.22Ki ± 0%  +0.01% (p=0.048 n=10)
application-load-balancer.json                    22.40Ki ± 0%   23.34Ki ± 0%  +4.19% (p=0.000 n=10)
cloudfront.json                                   17.38Ki ± 0%   17.40Ki ± 0%  +0.09% (p=0.000 n=10)
cloudwatch-events.json                            11.44Ki ± 0%   11.47Ki ± 0%  +0.27% (p=0.000 n=10)
cloudwatch-logs.json                              53.00Ki ± 0%   53.00Ki ± 0%       ~ (p=0.085 n=10)
custom.json                                       9.479Ki ± 0%   9.494Ki ± 0%  +0.15% (p=0.000 n=10)
dynamodb.json                                     40.24Ki ± 0%   40.27Ki ± 0%  +0.08% (p=0.000 n=10)
empty.json                                        9.017Ki ± 0%   9.032Ki ± 0%  +0.16% (p=0.000 n=10)
eventbridge-custom.json                           14.61Ki ± 0%   14.61Ki ± 0%       ~ (p=0.947 n=10)
eventbridge-no-bus.json                           13.58Ki ± 0%   13.58Ki ± 0%       ~ (p=0.395 n=10)
eventbridge-no-timestamp.json                     13.58Ki ± 0%   13.58Ki ± 0%       ~ (p=0.853 n=10)
eventbridgesns.json                               20.37Ki ± 0%   20.41Ki ± 0%  +0.18% (p=0.000 n=10)
eventbridgesqs.json                               24.51Ki ± 0%   24.54Ki ± 0%  +0.13% (p=0.000 n=10)
http-api.json                                     23.19Ki ± 0%   23.25Ki ± 0%  +0.26% (p=0.000 n=10)
kinesis-batch.json                                26.44Ki ± 0%   26.47Ki ± 0%  +0.11% (p=0.000 n=10)
kinesis.json                                      17.32Ki ± 0%   17.35Ki ± 0%  +0.18% (p=0.000 n=10)
s3.json                                           19.82Ki ± 0%   19.85Ki ± 0%  +0.16% (p=0.000 n=10)
sns-batch.json                                    39.02Ki ± 0%   39.01Ki ± 0%       ~ (p=0.468 n=10)
sns.json                                          24.43Ki ± 0%   24.43Ki ± 0%       ~ (p=0.617 n=10)
snssqs.json                                       52.61Ki ± 0%   52.68Ki ± 0%  +0.12% (p=0.000 n=10)
snssqs_no_dd_context.json                         46.37Ki ± 0%   46.43Ki ± 0%  +0.12% (p=0.000 n=10)
sqs-aws-header.json                               18.72Ki ± 0%   18.72Ki ± 0%       ~ (p=0.699 n=10)
sqs-batch.json                                    41.20Ki ± 0%   41.20Ki ± 0%       ~ (p=0.536 n=10)
sqs.json                                          25.33Ki ± 0%   25.33Ki ± 0%       ~ (p=0.428 n=10)
sqs_no_dd_context.json                            20.95Ki ± 0%   20.98Ki ± 0%  +0.16% (p=0.000 n=10)
stepfunction.json                                 13.45Ki ± 0%   13.48Ki ± 0%  +0.24% (p=0.000 n=10)
geomean                                           24.04Ki        24.09Ki       +0.22%

                                      │ baseline/benchmark.log │        current/benchmark.log        │
                                      │       allocs/op        │ allocs/op   vs base                 │
api-gateway-appsec.json                             627.0 ± 0%   627.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-kong-appsec.json                        485.0 ± 0%   485.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-kong.json                               463.0 ± 0%   463.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-non-proxy-async.json                    720.0 ± 0%   720.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-non-proxy.json                          710.0 ± 0%   710.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-websocket-connect.json                  447.5 ± 0%   448.0 ± 0%       ~ (p=0.650 n=10)
api-gateway-websocket-default.json                  373.0 ± 0%   373.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway-websocket-disconnect.json               363.0 ± 0%   363.0 ± 0%       ~ (p=1.000 n=10) ¹
api-gateway.json                                    782.0 ± 0%   782.0 ± 0%       ~ (p=1.000 n=10) ¹
application-load-balancer.json                      347.0 ± 0%   348.0 ± 0%  +0.29% (p=0.000 n=10)
cloudfront.json                                     278.0 ± 0%   278.0 ± 0%       ~ (p=1.000 n=10) ¹
cloudwatch-events.json                              215.0 ± 0%   215.0 ± 0%       ~ (p=1.000 n=10) ¹
cloudwatch-logs.json                                208.0 ± 0%   208.0 ± 0%       ~ (p=1.000 n=10) ¹
custom.json                                         163.0 ± 0%   163.0 ± 0%       ~ (p=1.000 n=10) ¹
dynamodb.json                                       579.0 ± 0%   579.0 ± 0%       ~ (p=1.000 n=10) ¹
empty.json                                          154.0 ± 0%   154.0 ± 0%       ~ (p=1.000 n=10) ¹
eventbridge-custom.json                             258.0 ± 0%   258.0 ± 0%       ~ (p=1.000 n=10) ¹
eventbridge-no-bus.json                             249.0 ± 0%   249.0 ± 0%       ~ (p=1.000 n=10) ¹
eventbridge-no-timestamp.json                       249.0 ± 0%   249.0 ± 0%       ~ (p=1.000 n=10) ¹
eventbridgesns.json                                 315.0 ± 0%   315.0 ± 0%       ~ (p=1.000 n=10) ¹
eventbridgesqs.json                                 355.0 ± 0%   355.0 ± 0%       ~ (p=1.000 n=10) ¹
http-api.json                                       421.0 ± 0%   421.0 ± 0%       ~ (p=1.000 n=10) ¹
kinesis-batch.json                                  380.0 ± 0%   380.0 ± 0%       ~ (p=1.000 n=10) ¹
kinesis.json                                        276.0 ± 0%   276.0 ± 0%       ~ (p=1.000 n=10) ¹
s3.json                                             348.0 ± 0%   348.0 ± 0%       ~ (p=1.000 n=10) ¹
sns-batch.json                                      462.0 ± 0%   462.0 ± 0%       ~ (p=1.000 n=10) ¹
sns.json                                            333.0 ± 0%   333.0 ± 0%       ~ (p=1.000 n=10) ¹
snssqs.json                                         457.0 ± 0%   457.0 ± 0%       ~ (p=1.000 n=10) ¹
snssqs_no_dd_context.json                           417.0 ± 0%   417.0 ± 0%       ~ (p=1.000 n=10) ¹
sqs-aws-header.json                                 273.0 ± 0%   273.0 ± 0%       ~ (p=1.000 n=10) ¹
sqs-batch.json                                      497.0 ± 0%   497.0 ± 0%       ~ (p=1.000 n=10) ¹
sqs.json                                            348.0 ± 0%   348.0 ± 0%       ~ (p=1.000 n=10) ¹
sqs_no_dd_context.json                              334.0 ± 0%   334.0 ± 0%       ~ (p=1.000 n=10) ¹
stepfunction.json                                   223.0 ± 0%   223.0 ± 0%       ~ (p=1.000 n=10) ¹
geomean                                             356.8        356.8       +0.01%
¹ all samples are equal