- Newest
- Most votes
- Most comments
Just adding to what has been mentioned here earlier. First you need to add resource policy to your target lambda function through AWS CLI, catch here is, you can't add resource policy for Cloudwatch Alam through UI unlike other sources such as SNS, SQS etc, so you'll have to add resource policy through AWS CLI as mentioned in AWS Documentation:
aws lambda add-permission \
--function-name my-function-name \
--statement-id AlarmAction \
--action 'lambda:InvokeFunction' \
--principal lambda.alarms.cloudwatch.amazonaws.com \
--source-account 111122223333 \
--source-arn arn:aws:cloudwatch:us-east-1:111122223333:alarm:alarm-name
Once you add this to your target lambda function, CloudWatch Alarm should be able to invoke your lambda function.
Reference Doc: Using Amazon CloudWatch alarms
That error is telling you that the cloudwatch service does not have permission to invoke the lambda. The easiest way is update the resource policy to allow cloudwatch to invoke the service. [1]
If you provide a bit more details on what you are looking to build, we may be able to offer a more detailed answer or recommend patterns that are resilient.
[1] https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-actions-Lambda : Using Amazon CloudWatch alarms - Lambda alarm actions
Relevant content
AWS OFFICIALUpdated 7 months ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
