How do I resolve the "LimitExceededException" error when I create EventBridge rules with CloudWatch log groups as targets?

When I create or update Amazon EventBridge rules that have Amazon CloudWatch log groups as targets, I get the "LimitExceededException" error message.

Short description

You receive one of the following error messages:

  • "LimitExceededException: Resource limit exceeded"
  • "LimitExceededException: The resource policy size has exceeded the maximum allowed size"
  • "LimitExceededException: An error occurred (LimitExceededException) when calling the PutRule operation"

The preceding errors occur when you exceed the CloudWatch Logs resource policy length of 5120 characters, or when you reach the EventBridge quota for the number of rules for each event bus or targets for each rule.

Resolution

Resolve the CloudWatch Logs resource policy size

Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.

Check the size of your resource policy

To check your current resource policy size, run the following describe-resource-policies AWS CLI command:

aws logs describe-resource-policies --region your-region

Note: Replace your-region with your AWS Region.

Consolidate EventBridge permissions in the CloudWatch Logs resource policy

To remain within the maximum CloudWatch Logs resource policy character length, create a consolidated resource policy.

Example of a consolidated resource policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "EventBridgeToCloudWatchLogs",
      "Effect": "Allow",
      "Principal": {
        "Service": "events.amazonaws.com"
      },
      "Action": [
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": [
        "arn:aws:logs:your-region:account-id:log-group:log-group-1:*",
        "arn:aws:logs:your-region:account-id:log-group:log-group-2:*"
      ]
    }
  ]
}

Note: Replace your-region with your Region, account-id with your AWS account ID, and log-group-1 and log-group-2 with the names of your log groups. Add or remove log groups as needed.

To add your consolidated resource policy to the rule, run the following put-resource-policy AWS CLI command:

aws logs put-resource-policy \
  --policy-name EventBridgeToCloudWatchLogsPolicy \
  --policy-document file://consolidated-policy.json \
  --region your-region

Note: Replace your-region with your Region and consolidated-policy.json with the name of your consolidated resource policy.
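
As an added example (not AWS's own code), the following Python measures each policy in describe-resource-policies output against the 5120-character length and merges per-log-group EventBridge statements into the consolidated form shown above. The sample input and the function names are constructed for illustration. Statements are merged only when their action sets match, so no log group gains an action it did not already have, and statements with other principals, a Deny effect, or a Condition are skipped for manual review.

```python
import json

POLICY_LIMIT = 5120  # CloudWatch Logs resource policy length limit, in characters
SERVICE = "events.amazonaws.com"

def as_list(value):
    return value if isinstance(value, list) else [value]

def policy_sizes(described):
    """Map policy name -> length of its policyDocument string."""
    return {p["policyName"]: len(p["policyDocument"]) for p in described["resourcePolicies"]}

def consolidate(described):
    """Merge EventBridge-only Allow statements; one output statement per distinct action set."""
    groups = {}  # frozenset(actions) -> de-duplicated resource ARNs, in first-seen order
    for policy in described["resourcePolicies"]:
        for stmt in as_list(json.loads(policy["policyDocument"])["Statement"]):
            mergeable = (stmt.get("Effect") == "Allow" and "Condition" not in stmt
                         and stmt.keys() >= {"Action", "Resource"}
                         and stmt.get("Principal") in ({"Service": SERVICE}, {"Service": [SERVICE]}))
            if not mergeable:
                continue  # other principals, Deny, or conditions: leave for manual review
            resources = groups.setdefault(frozenset(as_list(stmt["Action"])), [])
            for arn in as_list(stmt["Resource"]):
                if arn not in resources:
                    resources.append(arn)
    statements = [{"Sid": "EventBridgeToCloudWatchLogs" + (str(i) if i else ""),
                   "Effect": "Allow", "Principal": {"Service": SERVICE},
                   "Action": sorted(actions), "Resource": resources}
                  for i, (actions, resources) in enumerate(groups.items())]
    return {"Version": "2012-10-17", "Statement": statements}

def sample_policy(name, log_group):
    """Constructed sample entry shaped like describe-resource-policies output."""
    doc = {"Version": "2012-10-17", "Statement": [{
        "Sid": name, "Effect": "Allow", "Principal": {"Service": SERVICE},
        "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
        "Resource": f"arn:aws:logs:your-region:account-id:log-group:{log_group}:*"}]}
    return {"policyName": name, "policyDocument": json.dumps(doc)}

SAMPLE = {"resourcePolicies": [sample_policy("rule1", "log-group-1"),
                               sample_policy("rule2", "log-group-2")]}

if __name__ == "__main__":
    for name, size in policy_sizes(SAMPLE).items():
        print(f"{name}: {size} of {POLICY_LIMIT} characters")
    merged = json.dumps(consolidate(SAMPLE), indent=2)
    print(f"consolidated: {len(merged)} of {POLICY_LIMIT} characters")
    print(merged)
```

To run it against a real account, replace SAMPLE with the parsed JSON output of the describe-resource-policies command and review any skipped statements before you apply the result.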

Check your EventBridge service quota usage and rules

Review EventBridge service quota usage and request a quota increase

To check your current EventBridge service quota usage and request a service quota increase, complete the following steps:

  1. Open the Service Quotas console.
  2. In the navigation pane, choose AWS services, and then choose Amazon EventBridge (CloudWatch Events).
  3. To view usage, select a quota, such as Rules per event bus or Event buses per account.
  4. To request a quota increase, choose Request increase at account level.
  5. For Increase quota value, enter a number that's greater than your current quota value.
  6. Choose Request.

Note: Wait 24–48 hours for your service quota increase request to process.

Check current EventBridge rules and delete unused rules

To check your current rules and delete your unused rules, see Disabling or deleting a rule in Amazon EventBridge.

Note: When possible, be sure to distribute rules across Regions so that you can use quotas for each Region.

Related information

Enable logging from AWS services

Troubleshooting Amazon EventBridge

AWS OFFICIAL | Updated a month ago