Automatically create and configure Amazon CloudWatch alarms for EC2 instances, RDS, and AWS Lambda using tags for standard and custom CloudWatch Metrics.
Upon terminating an instance the permissions error log is generated for the Lambda function:
[ERROR] 2021-01-21T16:50:16.960Z
Error deleting alarms for instance i-xxxxxxxxxxxxxxx!: An error occurred (AccessDenied) when calling the DescribeAlarms operation: User: arn:aws:sts::xxxxxxxxxxxx:assumed-role/cloudwatch-auto-alarms-CloudWatchAutoAlarmLambdaRo-xxxxxxxxxxx/CloudWatchAutoAlarms is not authorized to perform: cloudwatch:DescribeAlarms on resource: arn:aws:cloudwatch:us-east-1:xxxxxxxxxxxxxxxx:alarm:* |
Upon terminating an instance the permissions error log is generated for the Lambda function:
[ERROR] 2021-01-21T16:50:16.960Z Error deleting alarms for instance i-xxxxxxxxxxxxxxx!: An error occurred (AccessDenied) when calling the DescribeAlarms operation: User: arn:aws:sts::xxxxxxxxxxxx:assumed-role/cloudwatch-auto-alarms-CloudWatchAutoAlarmLambdaRo-xxxxxxxxxxx/CloudWatchAutoAlarms is not authorized to perform: cloudwatch:DescribeAlarms on resource: arn:aws:cloudwatch:us-east-1:xxxxxxxxxxxxxxxx:alarm:* |