Closed mirajranpura closed 4 years ago
There must be resource AWS::Lambda::Permission for GDLifeCycleRule ( which is based on CloudTrail event CreateManagedAccount ) so that it can trigger GuardDutyEnablerLambda. Quick Fix is to add following snippet to Resources section:
CreateManagedAccount
GuardDutyEnablerPermissionForLifeCycleEventToInvokeLambda: Type: AWS::Lambda::Permission Properties: FunctionName: !GetAtt GuardDutyEnablerLambda.Arn Action: lambda:InvokeFunction Principal: events.amazonaws.com SourceArn: !GetAtt GDLifeCycleRule.Arn
There must be resource AWS::Lambda::Permission for GDLifeCycleRule ( which is based on CloudTrail event
CreateManagedAccount) so that it can trigger GuardDutyEnablerLambda. Quick Fix is to add following snippet to Resources section:GuardDutyEnablerPermissionForLifeCycleEventToInvokeLambda: Type: AWS::Lambda::Permission Properties: FunctionName: !GetAtt GuardDutyEnablerLambda.Arn Action: lambda:InvokeFunction Principal: events.amazonaws.com SourceArn: !GetAtt GDLifeCycleRule.Arn