As you know, AWS EC2 Image Builder is an AWS service letting you automate the creation and deployment of golden image on Amazon Elastic Cloud Compute (EC2).

Well, to help you troubleshoot building, customization and deployment of EC2 image, you can now stream the logs in CloudWatch.

This option is enabled by default.

If you want to disable the option, you will need to remove the corresponding permissions from the EC2 instance profile

“Statement”: [
     {
         “Effect”: “Allow”,
         “Action”: [
             “logs:CreateLogStream”,
             “logs:CreateLogGroup”,
             “logs:PutLogEvents”
         ],
         “Resource”: “arn:aws:logs:*:*:log-group:/aws/imagebuilder/*”
     }
]