[英]AWS CloudWatch - Log group does not exist
I'm getting this error message when trying to see the log file in AWS CloudWatch for my AWS Lambda function.尝试在 AWS CloudWatch 中查看我的 AWS Lambda 函数的日志文件时收到此错误消息。
An error occurred while describing log streams.
The specified log group does not exist.
Log group does not exist
The specific log group: /aws/lambda/xxxxx does not exist in this account or region.
By the way, I'm using the Singapore region.顺便说一下,我使用的是新加坡地区。
Make sure that your Lambda function's execution role has sufficient permissions to write logs to CloudWatch, and that the log group resource in the IAM policy includes your function's name.确保您的 Lambda 函数的执行角色具有将日志写入 CloudWatch 的足够权限,并且 IAM 策略中的日志组资源包含您的函数名称。
In the IAM console, review and edit the IAM policy for the execution role to make sure that:在 IAM 控制台中,查看并编辑执行角色的 IAM 策略以确保:
Note: If you don't need custom permissions for your function, you can attach the managed policy AWSLambdaBasicExecutionRole, which allows Lambda to write logs to CloudWatch.注意:如果您的函数不需要自定义权限,您可以附加托管策略 AWSLambdaBasicExecutionRole,它允许 Lambda 将日志写入 CloudWatch。
The AWS Region specified in the Amazon Resource Name (ARN) is the same as your Lambda function's Region. Amazon 资源名称 (ARN) 中指定的 AWS 区域与您的 Lambda 函数的区域相同。
The log-group resource includes your Lambda function name.日志组资源包括您的 Lambda 函数名称。 For example, if your function is named myLambdaFunction, the log-group is /aws/lambda/myLambdaFunction.例如,如果您的函数名为 myLambdaFunction,则日志组为 /aws/lambda/myLambdaFunction。
Here is an example of the permissions in the JSON format以下是 JSON 格式的权限示例
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "logs:CreateLogGroup",
"Resource": "arn:aws:logs:region:accountId:*"
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
" arn:aws:logs:region:accountId:log-group:/aws/lambda/functionName:*"
]
}
]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.