1 個回答
- 最新
- 最多得票
- 最多評論
1
Hello.
I modified the policy as follows.
I have included all the policies used by CloudWatch Logs Insights, so it will probably work.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatchlogs.html
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:DescribeLogGroups",
"logs:DescribeQueryDefinitions",
"logs:DescribeQueries"
"logs:GetLogEvents",
"logs:StopQuery",
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"logs:DescribeLogStreams",
"logs:StartQuery",
"logs:GetQueryResults",
"logs:GetLogGroupFields"
],
"Resource": "arn:aws:logs:ap-south-1:744096931876:log-group:/aws/lambda/Password-generate:*"
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:GetMetricData",
"cloudwatch:GetMetricStatistics",
"cloudwatch:ListMetrics"
],
"Resource": "*"
}
]
}
相關內容
- AWS 官方已更新 4 年前
- AWS 官方已更新 2 年前