I think these tips will help you given below
Create server and administrator AWS Identity and Access Management (IAM) roles to use with the CloudWatch agent. The server role allows instances to upload metrics and logs to CloudWatch. The administrator role creates and stores the CloudWatch configuration template within the Systems Manager Parameter Store.
Attach the server role to any Elastic Compute Cloud (Amazon EC2) instances that you simply want to upload your logs for.
Attach the administrator role to your administrator configuration instance.
Download and install the CloudWatch agent package using AWS Systems Manager Run Command. within the Targets area, choose your server instances and your administrator instance.
Create the CloudWatch agent configuration file on your administrator instance using the configuration wizard. Store the enter the Parameter Store. Record the parameter store name that you simply choose.
To apply the configuration to the server instances and begin uploading logs, start the CloudWatch agent using Systems Manager Run Command.
For Targets, choose your server instances.
For Optional Configuration Location, enter the parameter store name that you simply chose within the wizard.
I work as an AWS architect completed course from https://www.cetpainfotech.com/technology/aws-training