CloudWatch provides an agent that can be configured with different filesystem sources to collect, aggregate and stream log files to CloudWatch Logs. The first step is to create an IAM policy that will provide the access required to write log streams into CloudWatch Log groups.
- Navigate to IAM and choose Policies | Create policy:
- In the Create policy menu use the JSON editor and paste the following IAM Policy: https://github.com/gabanox/Certified-Solution-Architect-Associate-Guide/blob/master/chapter21/CloudWatchAgentPolicy.txt.
- Review and name the policy CloudWatchAgentPolicy and click on CreatePolicy.
- Our example ...