CloudWatch Log Group & Eventbridge Rule
Last updated
Last updated
The CloudFormation template for WorkSpaces Manager in the AWS Marketplace automatically creates an EventBridge Rule and a CloudWatch Log Group in the same region where the appliance is deployed. The default CloudWatch Log Group is called:
"/aws/events/WorkSpacesAccessLG"
Amazon EventBridge is a serverless event bus service that allows you to respond to changes in your AWS environment or applications. It helps you build event-driven architectures by capturing real-time data from various AWS services, custom applications, or SaaS providers, and routing that data to different targets.
Amazon CloudWatch Logs, a service that collects, monitors, and stores log data from AWS resources, applications, and services. A Log Group is a container for logs, grouping together logs from similar sources, such as specific applications or AWS services. Within each Log Group, logs are organized into Log Streams (individual log files).
EventBridge can send event data to CloudWatch Logs for storage and analysis. EventBridge Rules can collect specific insights for Amazon WorkSpaces that are not available through standard APIs.
When setting up WorkSpaces Manager to operate across multiple regions, it’s essential to have an EventBridge Rule linked to a CloudWatch Log Group in each region where WorkSpaces are deployed. The only caveat is that the CloudWatch Log Group must have the exact same name in every region: "/aws/events/WorkSpacesAccessLG".
To create new Rules and a CloudWatch Log Group in a different region from where WorkSpaces Manager was deployed via the CloudFormation template, navigate to EventBridge. Click on "Events" > "Rules":
Click "Create rule".
In the "Rule Detail" section, add a Name and Description (e.g., WorkSpaces_Rule) and leave the default configuration as displayed below:
In the "Event Source" section, select "AWS events or EventBridge partner events.":
Below, in the "Sample event" box, select "AWS Events" and search for "WorkSpaces Access."
Scrolling down, in the "Creation Method" section, select "User pattern form."
In the last step, under "Event pattern," select the following options:
Event Source: "AWS Services"
AWS Service: "WorkSpaces"
Event Type: "WorkSpaces Access"
Click on "Next". In the targets section, for "Target 1", choose:
Target Type: "AWS Service"
Select a target: "CloudWatch Log Group"
Log Group: "/aws/events/WorkSpacesAccessLG"
Configure the tags as optional. And then create the rule:
A success banner should appear on top of the page.
Click on “Logs” > “Log groups” > confirm that the new log group exists.
Now, in WorkSpaces Manager, click on the “Configuration” dropdown, select “Settings”, and then “Amazon Web Services” Scroll down to the Account settings and select account, fill in the “Access Log Group” field with the following information: /aws/events/WorkSpacesAccessLG.
