Why can't I see CloudWatch Logs for Lambda function?

1
votes

I wanted to be able to monitor logs in Cloudwatch when my Lambda being executed, currently there is a section on the top of Lambda console:

enter image description here

It's showing me any error I got when the Lambda is being executed, but if I click on logs, it will direct me to CloudWatch and showing me log group does not exist, does anyone know why and how I'll be able to see the logs in Cloudwatch? (I thought it'll be automatical...)

3
amazon-web-servicesaws-lambdaamazon-cloudwatchamazon-cloudwatchlogs
Can you show if the function even starts or it crashed before your code being run ?Traycho Ivanov

3 Answers

4
votes

The most common cause of this problem is that you have not assigned an IAM role to your Lambda function that has permission to create logs in CloudWatch.

4
votes

Your AWS Lambda function needs the following permissions to access CloudWatch Logs:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "*"
        }
    ]
}

This will give it permission to create a log group and store events in the log group.

The easiest way to assign this permission is by adding the AWSLambdaBasicExecutionRole managed policy to the IAM Role being used by your Lambda function.

0
votes

Your log group should be created automatically.

If you click on details arrow you will see the reason it failed, probably it crashed.

I suppose you got a lambda runtime error, before your handler is run.