By using AWS re:Post, you agree to the Terms of Use
/Differences and usage of aws vended logs vs cloudwatch/

Differences and usage of aws vended logs vs cloudwatch


I got a error "Resource handler returned message: "Invalid Logging Configuration: The CloudWatch Logs Resource Policy size was exceeded. We suggest prefixing your CloudWatch log group name with /aws/vendedlogs/states/. (Service: AWSStepFunctions; Status Code: 400; Error Code: InvalidLoggingConfiguration; Request ID: XXX; Proxy: null)" (RequestToken: YYY, HandlerErrorCode: InvalidRequest)" Which was solved with suggested prefixing.

I found some informations about vended logs here: It looks like only difference between vended logs and classic cloudwatch logs is price, and exception in violating Resource Policy size limit. Is there any other difference?

To my understanding all what I need to do is to use prefix vendedlogs, in log group name of e.g. stepfunction (/aws/stepfunction/ -> /aws/vendedlogs/stepfunction/)

Are my assumptions correct? Thanks

1 Answers

Hello, You are correct that the primary difference is the Volume pricing (as mentioned in the pricing page). For any of vended logs AWS services, you can prefix the CloudWatch Logs Log Group name with /aws/vendedlogs/ to avoid reaching the CloudWatch Logs resource policy size limit. (Step functions specific documentation -

So in the above case, /aws/stepfunction/ will become /aws/vendedlogs/stepfunction/

answered 14 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions