堆栈内存溢出
  简体   繁体   English

如何在 cloudFormation 模板中包含 cloudWatch Log Group 订阅?

[英]How to include cloudWatch Log Group subscription in cloudFormation template?

 原文  2018-08-15 15:05:03       amazon-web-services/ amazon-cloudformation

问题描述

Say I have a Log Group in cloudWatch, which I want to subscribe to a lambda with a filter (Subscriptions->Stream to AWS Lambda).假设我在 cloudWatch 中有一个日志组,我想通过过滤器(订阅->流到 AWS Lambda)订阅一个 lambda。

I want to achieve it with cloudFormation template, but from cloudFormation doc, it seems that the only two available cloudWatch resources are Alarm/Dashboard.我想用 cloudFormation 模板来实现它,但是从 cloudFormation 文档来看,似乎只有两个可用的 cloudWatch 资源是 Alarm/Dashboard。

Questions is:问题是:

  • Is there any way to write cloudWatch Log Group subscription in cloudFormation?有没有办法在cloudFormation中写cloudWatch Log Group订阅?
  • If not, any alternative way (say from lambda resource configuration in cloudFormation template)?如果没有,任何替代方法(例如来自 cloudFormation 模板中的 lambda 资源配置)?

1 个解决方案

解决方案1
 3 已采纳  2018-08-15 15:09:38

Oh, that's a tricky one.哦,这是一个棘手的问题。 I only figured it out by creating one in the console and reverse enginerring - ick.我只是通过在控制台中创建一个并逆向工程来解决这个问题 - ick。 But you're lucky - I have it on hand :P This is the json I was using for subscribing a lambda to a vpc flow log.但是你很幸运 - 我手头有它:P 这是我用来将 lambda 订阅到 vpc 流日志的 json。

Note that the 'VPCFlowLogsGroup' is the logical Id of the log group, the 'FlowLogsCollector' that of the lambda.请注意,“VPCFlowLogsGroup”是日志组的逻辑 ID,“FlowLogsCollector”是 lambda 的逻辑 ID。

"FlowLogsCollectorEventPermission": {
    "Type" : "AWS::Lambda::Permission",
    "Properties" : {
        "Principal" : { "Fn::Sub": "logs.${AWS::Region}.amazonaws.com" },
        "Action" : "lambda:InvokeFunction",
        "FunctionName" : { "Fn::GetAtt": [ "FlowLogsCollector", "Arn" ] },
        "SourceAccount": { "Ref": "AWS::AccountId" },
        "SourceArn" : { "Fn::GetAtt": [ "VPCFlowLogsGroup", "Arn" ] }
    }
  },
"FlowLogsCollectorSubscription": {
  "Type" : "AWS::Logs::SubscriptionFilter",
  "DependsOn": "FlowLogsCollectorEventPermission",
  "Properties" : {
    "LogGroupName" : { "Ref" : "VPCFlowLogsGroup" },
    "FilterPattern" : "",
    "DestinationArn" : { "Fn::GetAtt" : [ "FlowLogsCollector", "Arn" ] }
  }
},

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用 CloudFormation 为多个日志组创建 AWS CloudWatch 订阅过滤器 - How to create AWS CloudWatch Subscription Filters for multiple Log Groups using CloudFormation 如何在AWS SAM模板中同时包括CloudWatch组和流? - How to include both CloudWatch group and stream in AWS SAM template? 如何为在Cloudformation中创建的Lambda设置Cloudwatch日志 - How to setup Cloudwatch log for a Lambda created in Cloudformation 如何使用 cloudformation 模板创建 cloudwatch 事件? - How to create cloudwatch event using cloudformation template? 如何在Elasticbeanstalk中通过AWS Cloudformation模板创建自定义日志并将其流式传输到Cloudwatch? - How to create a custom log and stream it to cloudwatch through AWS Cloudformation template in elasticbeanstalk ? 如何为 Cloudformation 中的所有 lambda 日志设置 CloudWatch 订阅过滤器? - How to set a CloudWatch Subscription Filter to all lambda logs in Cloudformation? 如何删除 AWS CloudWatch 日志组中的订阅 - How to remove subscription in AWS CloudWatch Log Groups 如何使用cloudformation模板启用CloudWatch for Elastic Beanstalk - How to enable CloudWatch for Elastic Beanstalk using cloudformation template 如何通过 Cloudformation 模板为 AWS API GW 启用 Cloudwatch 日志记录 - How to enable Cloudwatch logging for AWS API GW via Cloudformation template Amazon CloudWatch:如何查找 CloudWatch 日志组的 ARN - Amazon CloudWatch: How to find ARN of CloudWatch Log group
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM