1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
Hello.
I modified the policy as follows.
I have included all the policies used by CloudWatch Logs Insights, so it will probably work.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchlogs.html
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:DescribeLogGroups",
"logs:DescribeQueryDefinitions",
"logs:DescribeQueries"
"logs:GetLogEvents",
"logs:StopQuery",
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"logs:DescribeLogStreams",
"logs:StartQuery",
"logs:GetQueryResults",
"logs:GetLogGroupFields"
],
"Resource": "arn:aws:logs:ap-south-1:744096931876:log-group:/aws/lambda/Password-generate:*"
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:GetMetricData",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Resource": "*"
}
]
}