Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Only one user and it has CloudWatchFullAccess but I can't see CW logs

0

When I run my lambda it fails. I want to see the logs but when I click "View logs in Cloudwatch" I get:

```

There was an error loading Log Streams


I only have one user and that user has CloudWatchFullAccess and AWSLambdaFullAccess.   
  
When I try to create a log stream I get: 

    ```
There was an error creating your Log Stream. Please try again.

When I follow these instructions I get the same error: https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html

So what's wrong here?

Edited by: mstracker on Jun 30, 2019 3:57 PM

Edited by: mstracker on Jun 30, 2019 4:11 PM

Themen
Management & Unternehmensführung
Tags
Amazon CloudWatch
Sprache
English
mstracker
gefragt vor 5 Jahren260 Aufrufe
5 Antworten
1

I followed this article and recreated the function from scratch and it worked. Seems like the AWS XRay access might have been the issue.

https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html

mstracker
beantwortet vor 5 Jahren
0

Hello

Just in case, double check that your lambda function has the minimum role to write the logs in cloudwatch. It should have a role that includes the AWSLambdaBasicExecutionRole policy.

on the lambda function page, there is a monitoring tab where you can see if there are any issues. That might give you an idea of what else is needed. You can post the exact error message and maybe we can help more.
https://docs.aws.amazon.com/lambda/latest/dg/monitoring-functions-logs.html
https://docs.aws.amazon.com/lambda/latest/dg/lambda-permissions.html

hope this helps,
RT

rtt
beantwortet vor 5 Jahren
0

In the Execution role I have:

{
  "roleName": "lambda_role",
  "policies": [
    {
      "document": {
        "Version": "2012-10-17",
        "Statement": [
          {
            "Effect": "Allow",
            "Action": "logs:CreateLogGroup",
            "Resource": "arn:aws:logs:us-east-2:696215482432:*"
          },
          {
            "Effect": "Allow",
            "Action": [
              "logs:CreateLogStream",
              "logs:PutLogEvents"
            ],
            "Resource": [
              "arn:aws:logs:us-east-2:696215482432:log-group:/aws/lambda/get-sheet-data:*"
            ]
          }
        ]
      },
      "name": "AWSLambdaBasicExecutionRole-11a867c9-e852-454d-a3f3-4b402295bada",
      "id": "ANPA2EGNNGBACNUXA63TP",
      "type": "managed",
      "arn": "arn:aws:iam::696215482432:policy/service-role/AWSLambdaBasicExecutionRole-11a867c9-e852-454d-a3f3-4b402295bada"
    }
  ],
  "trustedEntities": [
    "lambda.amazonaws.com"
  ]
}
mstracker
beantwortet vor 5 Jahren
0

I tried creating a brand new function. Ran the function then clicked "logs" and got this error:

 There was an error loading Log Streams. Please try again by refreshing this page.

At the top of the cloudwatch page. Can't create a log stream either.

mstracker
beantwortet vor 5 Jahren
0

Hello
To make it simple, try to run your function using the basic lambda role "AWSLambdaBasicExecutionRole"
if that works, then start limiting it.

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html

hope this helps
RT

rtt
beantwortet vor 5 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt