AWSTemplateFormatVersion: 2010-09-09
Description: Deploys the resources needed to store events of Amazon ECS stopped tasks in CloudWatch Logs

Parameters:
  CWLogGroupName:
    Type: String
    Description: The CloudWatch log group name to store the events
    Default: /aws/events/ECSStoppedTasksEvent
  CWLogGroupRetention:
    Type: Number
    Description: The number of days to retain the events in the log group
    AllowedValues: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653]
    Default: 30

Resources:
  EventRule:
    Type: AWS::Events::Rule
    Properties:
      Name: ECSStoppedTasksEvent
      Description: Triggered when an Amazon ECS Task is stopped
      EventPattern:
        source:
          - aws.ecs
        detail-type:
          - ECS Task State Change
        detail:
          desiredStatus:
            - STOPPED
          lastStatus:
            - STOPPED
      State: ENABLED
      Targets:
        - Arn: !GetAtt LogGroup.Arn
          Id: ECSStoppedTasks

  LogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: !Ref CWLogGroupName
      RetentionInDays: !Ref CWLogGroupRetention

  LogEventsPolicy:
    Type: AWS::Logs::ResourcePolicy
    Properties:
      PolicyName: LogEventsPolicy
      PolicyDocument: !Sub |
        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Sid": "LogEventsPolicy",
              "Effect": "Allow",
              "Principal": {
                "Service": [
                  "delivery.logs.amazonaws.com",
                  "events.amazonaws.com"
                ]
              },
              "Action": [
                "logs:CreateLogStream",
                "logs:PutLogEvents"
              ],
              "Resource": "${LogGroup.Arn}"
            }
          ]
        }