1. Answers
  2. Using Aws Logs With Appstream

Using Aws Logs With Appstream

In this solution, we will use AWS CloudWatch Logs with Amazon AppStream 2.0 using Pulumi in TypeScript. The key services involved are Amazon AppStream 2.0, which is a fully managed application streaming service, and Amazon CloudWatch Logs, which is a monitoring and observability service. We will create an AppStream fleet and stack, and configure CloudWatch Logs to capture and store logs from the AppStream environment.

Step-by-Step Explanation

  1. Create an AppStream Fleet: We will create an AppStream fleet, which is a group of streaming instances used to stream applications to users.
  2. Create an AppStream Stack: We will create an AppStream stack, which is a collection of AppStream resources that users can access.
  3. Configure CloudWatch Logs: We will set up CloudWatch Logs to capture and store logs from the AppStream environment.
  4. Create IAM Roles and Policies: We will create the necessary IAM roles and policies to allow AppStream to send logs to CloudWatch.
  5. Deploy the Infrastructure: We will deploy the infrastructure using Pulumi.

Key Points

  • Amazon AppStream 2.0 allows you to stream applications to users without the need for local installation.
  • Amazon CloudWatch Logs provides a centralized logging solution for monitoring and troubleshooting.
  • Pulumi allows you to define and manage cloud infrastructure using familiar programming languages.
  • IAM roles and policies are essential for granting the necessary permissions for services to interact.

Conclusion

In this solution, we demonstrated how to use AWS CloudWatch Logs with Amazon AppStream 2.0 using Pulumi in TypeScript. By following the step-by-step instructions, you can set up a fully managed application streaming environment with centralized logging for monitoring and troubleshooting. This solution leverages the power of Pulumi to define and manage cloud infrastructure using code, making it easier to automate and maintain your cloud resources.

Full Code Example

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create a CloudWatch Log Group
const logGroup = new aws.cloudwatch.LogGroup("appstream-log-group", {
    retentionInDays: 7,
});

// Create a CloudWatch Log Stream
const logStream = new aws.cloudwatch.LogStream("appstream-log-stream", {
    logGroupName: logGroup.name,
});

// Create an IAM Role for AppStream
const appStreamRole = new aws.iam.Role("appstream-role", {
    assumeRolePolicy: JSON.stringify({
        Version: "2012-10-17",
        Statement: [
            {
                Action: "sts:AssumeRole",
                Principal: {
                    Service: "appstream.amazonaws.com",
                },
                Effect: "Allow",
                Sid: ""
            }
        ]
    })
});

// Attach a policy to the IAM Role
const appStreamRolePolicy = new aws.iam.RolePolicy("appstream-role-policy", {
    role: appStreamRole.id,
    policy: JSON.stringify({
        Version: "2012-10-17",
        Statement: [
            {
                Effect: "Allow",
                Action: [
                    "logs:CreateLogStream",
                    "logs:PutLogEvents"
                ],
                Resource: [
                    logGroup.arn,
                    pulumi.interpolate`${logGroup.arn}:*`
                ]
            }
        ]
    })
});

// Create an AppStream Fleet
const appStreamFleet = new aws.appstream.Fleet("appstream-fleet", {
    instanceType: "stream.standard.medium",
    fleetType: "ALWAYS_ON",
    computeCapacity: {
        desiredInstances: 1,
    },
    imageName: "AppStream-WinServer2019-07-15-2021",
    iamRoleArn: appStreamRole.arn,
    vpcConfig: {
        subnetIds: ["subnet-12345678"],
        securityGroupIds: ["sg-12345678"],
    },
    enableDefaultInternetAccess: true,
});

// Create an AppStream Stack
const appStreamStack = new aws.appstream.Stack("appstream-stack", {
    accessEndpoints: [{
        endpointType: "STREAMING",
        vpceId: "vpce-12345678"
    }],
    applicationSettings: {
        enabled: true,
        settingsGroup: "AppStreamSettings"
    },
    userSettings: [{
        action: "CLIPBOARD_COPY_FROM_LOCAL_DEVICE",
        permission: "ENABLED"
    }]
});

// Export the ARNs of the created resources
export const fleetArn = appStreamFleet.arn;
export const stackArn = appStreamStack.arn;
export const logGroupArn = logGroup.arn;
export const logStreamArn = logStream.arn;
export const roleArn = appStreamRole.arn;
export const policyName = appStreamRolePolicy.name;

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up