- 新しい順
- 投票が多い順
- コメントが多い順
Hello,
your limitation is described here: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html#AWS-logs-infrastructure-CWL
These services must list each log group that they're sending logs to in the resource policy, and CloudWatch Logs resource policies are limited to 5120 characters. A service that sends logs to a large number of log groups may run into this limit.
To mitigate this, CloudWatch Logs monitors the size of resource policies used by the service that is sending logs, and when it detects that a policy approaches the size limit of 5120 characters, CloudWatch Logs automatically enables /aws/vendedlogs/* in the resource policy for that service. You can then start using log groups with names that start with /aws/vendedlogs/ as the destinations for logs from these services.
One option is to follow the recommendation and using a log group starting with /aws/vendedlogs as destination. See if that allows you to enable logging.
関連するコンテンツ
- AWS公式更新しました 2年前
- AWS公式更新しました 3年前