CloudWatch Log Group
Last updated
Last updated
CloudWatch collects specific insights for Amazon WorkSpaces that are not available through standard APIs; however, it is not enabled by default. To enable CloudWatch for WorkSpaces:
Navigate to EventBridge. Click on "Events" > "Rules":
Click "Create rule".
In the "Rule Detail" section, add a Name and Description (e.g., WorkSpaces_Rule) and leave the default configuration as displayed below:
In the "Event Source" section, select "AWS events or EventBridge partner events.":
Below, in the "Sample event" box, select "AWS Events" and search for "WorkSpaces Access."
Scrolling down, in the "Creation Method" section, select "User pattern form."
In the last step, under "Event pattern," select the following options:
Event Source: "AWS Services"
AWS Service: "WorkSpaces"
Event Type: "WorkSpaces Access"
Click on "Next". In the targets section, for "Target 1", choose:
Target Type: "AWS Service"
Select a target: "CloudWatch Log Group"
Log Group: "/aws/events/WorkSpaceAccess"
Configure the tags (optional):
And then create the rule.
A success banner should appear on top of the page.
Click on “Logs” > “Log groups” > confirm that the new log group exists.
Now, in WorkSpaces Manager, click on the “Configuration” dropdown, select “Settings”, and then “WorkSpaces.” Scroll down to the WorkSpaces Settings and fill in the “Access Log Group” field with the following information: /aws/events/WorkSpaceAccess
.
The necessary IAM permissions required to access the CloudWatch Log Group are as follows: