First off, I should note that I posted this question on the AWS Discussion Forums. No answer was forthcoming after several days. So I decided to migrate to stackoverflow. Below is a copy-paste of my question:
Greetings! Yesterday the Cloudwatch logging for my lambda functions stopped working. At first I thought it was due to some changes in my code, but after returning to the most recent working version (for which the cloudwatch logging should be working) the problem persisted.
I've seen THIS thread, which talks about the problem, but the fix didn't work. My edited policy document looks like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::*"
]
},
{
"Sid" : "yaycloudwatchloggingherewego",
"Effect": "Allow",
"Action": [
"logs:*"
],
"Resource": [
"arn:aws:logs:::*"
]
}
]
}
I know there are some redundancies. I simply kept the default 'S3 execution role' policy and used copy-paste for the suggested fix.
I also checked the aws resource status page, HERE, and all services are running normally.
My main question: Is this problem something I need to fix in my code, or is there some bigger problem I need to fix?
Any help would be appreciated. Thanks!
