Oh, that's a tricky one. I only figured it out by creating one in the console and reverse engineering - ick. But you're lucky - I have it on hand :P This is the JSON I was using for subscribing a lambda to a vpc flow log.
Note that the 'VPCFlowLogsGroup' is the logical Id of the log group, the 'FlowLogsCollector' that of the lambda.
    "FlowLogsCollectorEventPermission": {
      "Type" : "AWS::Lambda::Permission",
      "Properties" : {
        "Principal" : { "Fn::Sub": "logs.${AWS::Region}.amazonaws.com" },
        "Action" : "lambda:InvokeFunction",
        "FunctionName" : { "Fn::GetAtt": [ "FlowLogsCollector", "Arn" ] },
        "SourceAccount": { "Ref": "AWS::AccountId" },
        "SourceArn" : { "Fn::GetAtt": [ "VPCFlowLogsGroup", "Arn" ] }
      }
    },
    "FlowLogsCollectorSubscription": {
      "Type" : "AWS::Logs::SubscriptionFilter",
      "DependsOn": "FlowLogsCollectorEventPermission",
      "Properties" : {
        "LogGroupName" : { "Ref" : "VPCFlowLogsGroup" },
        "FilterPattern" : "",
        "DestinationArn" : { "Fn::GetAtt" : [ "FlowLogsCollector", "Arn" ] }
      }
    },
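A template check for the wiring shown in this answer, added here as an example and not part of the original post: it flags a Lambda-targeted subscription filter whose permission lacks the `SourceArn` or `SourceAccount` scoping, or that has no `DependsOn` on that permission. The names `check_subscriptions`, `_target` and `WEAK` are hypothetical, the sample template is constructed, and only the JSON list form of `Fn::GetAtt` is handled.

```python
import json
# Added example: helper names here are illustrative, not from the post.
def _target(value):
    """Logical ID inside {"Ref": id} or {"Fn::GetAtt": [id, attr]}, else None."""
    ref = value.get("Fn::GetAtt", value.get("Ref")) if isinstance(value, dict) else None
    return ref[0] if isinstance(ref, list) else ref

def check_subscriptions(template):
    """List (resource, problem) pairs for subscription filters that target a Lambda."""
    res, findings = template.get("Resources", {}), []
    for name, r in res.items():
        if r.get("Type") != "AWS::Logs::SubscriptionFilter":
            continue
        props = r.get("Properties", {})
        fn, group = _target(props.get("DestinationArn")), _target(props.get("LogGroupName"))
        if res.get(fn, {}).get("Type") != "AWS::Lambda::Function":
            continue  # destination is not a Lambda defined in this template
        # Permissions that let CloudWatch Logs invoke this function.
        perms = {k: v.get("Properties", {}) for k, v in res.items()
                 if v.get("Type") == "AWS::Lambda::Permission"
                 and _target(v.get("Properties", {}).get("FunctionName")) == fn
                 and '"logs.' in json.dumps(v.get("Properties", {}).get("Principal"))}
        deps = r.get("DependsOn", [])
        deps = {deps} if isinstance(deps, str) else set(deps)
        if not perms:
            findings.append((name, "no logs permission for " + fn))
        elif not deps & set(perms):
            findings.append((name, "no DependsOn on the permission"))
        for pname, pp in perms.items():
            if _target(pp.get("SourceArn")) != group:
                findings.append((pname, "SourceArn is not the subscribed log group"))
            if "SourceAccount" not in pp:
                findings.append((pname, "SourceAccount not set"))
    return findings

# Constructed template: the post's logical IDs, with its guards deliberately left out.
_FN_ARN = {"Fn::GetAtt": ["FlowLogsCollector", "Arn"]}
WEAK = {"Resources": {
    "FlowLogsCollector": {"Type": "AWS::Lambda::Function"},
    "VPCFlowLogsGroup": {"Type": "AWS::Logs::LogGroup"},
    "FlowLogsCollectorEventPermission": {"Type": "AWS::Lambda::Permission", "Properties": {
        "Principal": {"Fn::Sub": "logs.${AWS::Region}.amazonaws.com"},
        "Action": "lambda:InvokeFunction", "FunctionName": _FN_ARN}},
    "FlowLogsCollectorSubscription": {"Type": "AWS::Logs::SubscriptionFilter", "Properties": {
        "LogGroupName": {"Ref": "VPCFlowLogsGroup"}, "FilterPattern": "",
        "DestinationArn": _FN_ARN}}}}

if __name__ == "__main__":
    for finding in check_subscriptions(WEAK):
        print(finding)
```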