说我在cloudWatch中有一个日志组,我想使用过滤器(订阅->流到AWS Lambda的流)订阅一个lambda。
我想用cloudFormation模板实现它,但是从cloudFormation doc来看,似乎只有两个可用的cloudWatch资源是Alarm / Dashboard。
问题是:
答案 0 :(得分:1)
哦,这很棘手。我只是通过在控制台中创建一个并逆向工程来弄清楚-ick。但您很幸运-我手头上有:P这是我用于将Lambda订阅到vpc流日志的json。
请注意,“ VPCFlowLogsGroup”是日志组的逻辑ID,“ FlowLogsCollector”是lambda的逻辑ID。
"FlowLogsCollectorEventPermission": {
"Type" : "AWS::Lambda::Permission",
"Properties" : {
"Principal" : { "Fn::Sub": "logs.${AWS::Region}.amazonaws.com" },
"Action" : "lambda:InvokeFunction",
"FunctionName" : { "Fn::GetAtt": [ "FlowLogsCollector", "Arn" ] },
"SourceAccount": { "Ref": "AWS::AccountId" },
"SourceArn" : { "Fn::GetAtt": [ "VPCFlowLogsGroup", "Arn" ] }
}
},
"FlowLogsCollectorSubscription": {
"Type" : "AWS::Logs::SubscriptionFilter",
"DependsOn": "FlowLogsCollectorEventPermission",
"Properties" : {
"LogGroupName" : { "Ref" : "VPCFlowLogsGroup" },
"FilterPattern" : "",
"DestinationArn" : { "Fn::GetAtt" : [ "FlowLogsCollector", "Arn" ] }
}
},