Quintes van Aswegen: AWS Lambda function created via cloudformation doesn't log

Saturday, 21 April 2018

AWS Lambda function created via cloudformation doesn't log

Feb 2022 - this post is permanently moved to https://architectfwd.com, my new site, and can be found here - https://architectfwd.com/architecture/cloud/amazon-web-services-aws/lambda/2022/01/23/aws-lambda-function-created-via-cloudformation-doesnt-log/ please go and bookmark that site for all of my future content.

I provisioned new lambda functions via AWS CloudFormation but used an existing service role for lambda execution, however found that no logs were being created. Here's how to fix.

IAM

Go to the role in IAM, edit the policy and add the resource (the new lambda)

"Resource": [

"Existing...",

"arn:aws:logs:REGION:XXXX:log-group:/aws/lambda/function-name-here:*"

]

Review and apply.

Log group created and contains logs

Immediately after updating the service role policy to add the resource, execute the function and the CloudWatch log group should be created and populated

Cheers

Quintes

Connect with me on LinkedIn or Twitter

Quintes van Aswegen

Saturday, 21 April 2018

AWS Lambda function created via cloudformation doesn't log

AWS Lambda function created via cloudformation doesn't log

IAM

Log group created and contains logs

Togaf 9 Certified Architect

Blog Archive