From 24bfe9ddab7ccbfc5f744b3a28cbddf0c84e8f23 Mon Sep 17 00:00:00 2001
From: John Passaro <john.a.passaro@gmail.com>
Date: Tue, 26 Jul 2022 11:31:21 -0400
Subject: [PATCH] customize role name in log forwarder CFN template

---
 aws/logs_monitoring/template.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/aws/logs_monitoring/template.yaml b/aws/logs_monitoring/template.yaml
index a7dca565c..b6ccae417 100644
--- a/aws/logs_monitoring/template.yaml
+++ b/aws/logs_monitoring/template.yaml
@@ -197,6 +197,10 @@ Parameters:
     Type: Number
     Default: 20
     Description: Set the max number of workers sending logs concurrently.
+  ForwarderRoleNamePrefix:
+    Type: String
+    Default: ""
+    Description: Set the name of the execution role to be created for the lambda. Region will be added for global uniqueness.
   PermissionsBoundaryArn:
     Type: String
     Default: ""
@@ -377,6 +381,11 @@ Conditions:
       - Fn::Equals:
           - Ref: PermissionsBoundaryArn
           - ""
+  SetForwarderRoleName:
+    Fn::Not:
+      - Fn::Equals:
+          - Ref: ForwarderRoleNamePrefix
+          - ""
   SetAdditionalTargetLambdas:
     Fn::Not:
       - Fn::Equals:
@@ -629,6 +638,11 @@ Resources:
   ForwarderRole:
     Type: AWS::IAM::Role
     Properties:
+      RoleName:
+        Fn::If:
+          - SetForwarderRoleName
+          - !Sub "${ForwarderRoleNamePrefix}-${AWS::Region}"
+          - Ref: AWS::NoValue
       AssumeRolePolicyDocument:
         Version: "2012-10-17"
         Statement: