Install AWS CloudWatch log agent on Amazon Linux 2

install-cloudwatch-log-agent-amazonlinux2.sh

#!/bin/bash

# Pre cond:
# 
# EC2 IAM role with this IAM policy:
# {
#   "Version": "2012-10-17",
#   "Statement": [
#     {
#       "Effect": "Allow",
#       "Action": [
#         "logs:CreateLogGroup",
#         "logs:CreateLogStream",
#         "logs:PutLogEvents",
#         "logs:DescribeLogStreams"
#     ],
#       "Resource": [
#         "arn:aws:logs:*:*:*"
#     ]
#   }
#  ]
# }
# 
# EC2 IAM role (above) is attached to EC2 instance

# Install CloudWatch Logs agend on Amazon Linux 2

sudo yum update -y
sudo yum install -y awslogs

sudo tee -a /etc/awslogs/awscli.conf  > /dev/null << EOL
[plugins]
cwlogs = cwlogs
[default]
region = $(ec2-metadata -z | grep -Po "(us|sa|eu|ap)-(north|south|central)?(east|west)?-[0-9]+")
EOL

sudo tee -a /etc/awslogs/awslogs.conf  > /dev/null << EOL
[general]
state_file = /var/lib/awslogs/agent-state
[/var/log/customlog]
datetime_format = %b %d %H:%M:%S
file = /var/log/customlog
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = /var/log/customlog
EOL

sudo systemctl start awslogsd
sudo systemctl enable awslogsd.service