Description of changes:
Added additional resource 'arn:aws:logs:::log-group:/aws/lambda/*' to the policy document.
Explanation
Because Lambda functions log to CloudWatch Logs, the LambdaRole needs to be able to create the log group for that, so it needs CreateLogGroup access for resource '/aws/lambda/*'. Without this, the Lambda console function monitoring page reports an error, as the log group for monitoring executions won't exist.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
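A policy lint for the permission discussed above, as an added example that is not part of the pull request or the project's code: it checks that `logs:CreateLogGroup` is allowed and that every resource it applies to stays under `/aws/lambda/`. The sample policy, the function name and the finding messages are assumptions, and the matching is simplified rather than a full IAM evaluation.

```python
import fnmatch

# Constructed sample policy (not the project's actual document): the statement
# the pull request describes, with the resource ARN exactly as quoted there.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": ["logs:CreateLogGroup"],
            "Resource": ["arn:aws:logs:::log-group:/aws/lambda/*"],
        }
    ],
}

LAMBDA_LOG_GROUP_PREFIX = "log-group:/aws/lambda/"


def _as_list(value):
    """IAM allows a single string or object where a list is expected."""
    return value if isinstance(value, list) else [value]


def create_log_group_findings(policy):
    """Return review findings about logs:CreateLogGroup in an IAM policy dict.

    Simplified lint: ignores Deny, NotAction, NotResource and conditions.
    """
    findings, granted = [], False
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain wildcards.
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not any(fnmatch.fnmatchcase("logs:createloggroup", a) for a in actions):
            continue
        granted = True
        for res in _as_list(stmt.get("Resource", [])):
            # ARN layout: arn:partition:service:region:account:resource
            parts = res.split(":", 5)
            resource = parts[5] if len(parts) == 6 else res
            if not resource.startswith(LAMBDA_LOG_GROUP_PREFIX):
                findings.append(f"too broad for Lambda logging: {res}")
    if not granted:
        findings.append("logs:CreateLogGroup is not allowed by any statement")
    return findings
```
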