AWSTemplateFormatVersion: '2010-09-09' Description: This template deploys an Amazon EventBridge rule that captures Elastic Container Service task history for persistence in Amazon CloudWatch. Parameters: ServiceName: Type: string Description: The name of the ECS service that you would like to capture events from ServiceArn: Type: string Description: The full ARN of the service that you would like to capture events from Resources: # A CloudWatch log group for persisting the Amazon ECS events ServiceEventLog: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub /benchmark/${ServiceName}-events # Create the EventBridge rule that captures deployment events into the CloudWatch log group CaptureServiceDeploymentEvents: Type: AWS::Events::Rule Properties: Description: !Sub 'Capture service deployment events from the ECS service ${ServiceName}' # Which events to capture EventPattern: source: - aws.ecs detail-type: - "ECS Deployment State Change" - "ECS Service Action" resources: - !Ref ServiceArn # Where to send the events Targets: - Arn: !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:${ServiceEventLog} Id: 'CloudWatchLogGroup' # Create a log group resource policy that allows EventBridge to put logs into # the log group LogGroupForEventsPolicy: Type: AWS::Logs::ResourcePolicy Properties: PolicyName: EventBridgeToCWLogsPolicy PolicyDocument: !Sub - > { "Version": "2012-10-17", "Statement": [ { "Sid": "EventBridgetoCWLogsPolicy", "Effect": "Allow", "Principal": { "Service": [ "delivery.logs.amazonaws.com", "events.amazonaws.com" ] }, "Action": [ "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": [ "${LogArn}" ] } ] } - { LogArn: !GetAtt ServiceEventLog.Arn, RuleArn: !GetAtt CaptureServiceDeploymentEvents.Arn}