search

DataDog / cloudformation-template

Easily set up the Datadog AWS integration using CloudFormation
Apache License 2.0
34 stars 44 forks source link

Missing cloudwatch:TagResource permissions #66

Open billyshambrook opened 1 year ago

billyshambrook commented 1 year ago

Expected Behavior

Actual Behavior

Am getting the following error when executing the streams_main.yaml

Resource handler returned message: "Resource of type 'Stack set operation [00000000-0000-0000-0000-000000000000] was unexpectedly stopped or failed. status reason(s): [ResourceLogicalId:DatadogMetricStreamAllNamespaces, ResourceType:AWS::CloudWatch::MetricStream, ResourceStatusReason:Resource handler returned message: "Invalid request provided: User: arn:aws:sts::1234567890123:assumed-role/DatadogStreamStackSetExecutionRole/00000000-0000-0000-0000-000000000000 is not authorized to perform: cloudwatch:TagResource on resource: arn:aws:cloudwatch:ap-south-1:1234567890123:metric-stream/datadog-metrics-stream because no identity-based policy allows the cloudwatch:TagResource action" (RequestToken: 00000000-0000-0000-0000-000000000000, HandlerErrorCode: InvalidRequest).]' with identifier 'DatadogStreams:00000000-0000-0000-0000-000000000000' did not stabilize." (RequestToken: 00000000-0000-0000-0000-000000000000, HandlerErrorCode: NotStabilized)

Steps to Reproduce the Problem

1. 1. 1.

Specifications

Stacktrace

  Paste here