Forward logs to datadog forwarder with custom tags
Forward logs to datadog forwarder with custom tags
If you want to forward the RunsOn logs to your datadog account, using custom tags (to match Datadog indexes), you need two things:
- Add a subscription filter to the RunsOn Cloudwatch log group
- Add tags to the Cloudwatch log group (for them to be passed to datadog)
This is how we proceeded:
resource "aws_cloudwatch_log_subscription_filter" "dd-logs" {
name = "runs-on-cicd"
log_group_name = aws_cloudformation_stack.runs-on.outputs.RunsOnServiceLogGroupName
filter_pattern = ""
destination_arn = var.datadog_forwarder_arn
}
# Add Datadog tags to the AppRunner service created by CloudFormation
resource "null_resource" "runs-on-apprunner-tags" {
triggers = {
cloudformation_outputs = sha256(jsonencode(aws_cloudformation_stack.runs-on.outputs))
}
provisioner "local-exec" {
command = <<-EOT
aws logs tag-log-group \
--region eu-west-1 \
--log-group-name ${aws_cloudformation_stack.runs-on.outputs.RunsOnServiceLogGroupName} \
--tags '{
"Name": "runs-on-cicd",
"Environment": "${var.environment}",
"Project": "my-custom-project",
"Service": "runs-on-cicd"
}'
EOT
}
}Note that the sha256 allows us to trigger the tagging everytime the Cloudformation stack is updated. This is useful in case the stack overwrites the log group and removes the tag
Last updated: October 30, 2025