aws-samples / siem-on-amazon-opensearch-service

A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
MIT No Attribution

State machine logging permissions missing #343

Closed sankalpwako closed 1 year ago

sankalpwako commented 1 year ago

Some permissions to access log destinations for the state machine seem to be missing in the latest versions.

nakajiak commented 1 year ago

Hi, thanks for the feedback. Please let me know which region and deployment method: CDK or CloudFormation.

sankalpwako commented 1 year ago

Region: ap-southeast-1, deployment: CloudFormation.

nakajiak commented 1 year ago

I tried 10 initial deploys and couldn't reproduce. Please tell us more about your environment.

sankalpwako commented 1 year ago

It was an initial deployment. The IAM role used to create the stack did not have the permissions for Administrator access.

But according to what I can read in the error message, the permissions for the log destination seem to be missing for the IAM role on the state machine. I had ruled out the permissions on the stack role for this issue, as the stack role needs permission to create a state machine, the log destination and the IAM role, which it does. The IAM role created for the state machine seems to have missing permissions for some reason.

Anyway, I used an earlier version (2.7.1), which is already running for me, and that launched perfectly. I used the same role there as well for the stack, but I don't think a state machine is a part of that stack.

nakajiak commented 1 year ago

The IAM policy is here. https://github.com/aws-samples/siem-on-amazon-opensearch-service/blob/v2.9.0/deployment/siem-on-amazon-opensearch-service.template#L1318-L1343

There is a possibility of an event occurring when exceeding 5120 characters, probably for the reason written in this forum. https://repost.aws/questions/QURc2glxBETSe3Q6Y0UwcpQg/bug-with-logging-configuration

What is the result of this CLI command? aws logs describe-resource-policies | wc -c
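As an added example (not code from the project or from anyone in this thread), a script that applies the check suggested above but measures each policyDocument returned by `aws logs describe-resource-policies` instead of the whole API response, since the 5120-character limit applies per CloudWatch Logs resource policy document. The sample output, account ID and log-group names are constructed.

```python
import json
import sys

# Maximum size of a CloudWatch Logs resource policy document (the 5120-character
# figure cited in the thread). Enabling Step Functions logging updates such a
# policy, and fails if the result would exceed this limit.
RESOURCE_POLICY_CHAR_LIMIT = 5120

# Constructed sample in the shape of `aws logs describe-resource-policies` output.
# Account ID and log-group names are placeholders; the second policy is padded
# with many log-group ARNs so that it exceeds the limit.
_SMALL_DOC = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "delivery.logs.amazonaws.com"},
        "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
        "Resource": "arn:aws:logs:ap-southeast-1:123456789012:log-group:/aws/vendedlogs/*",
    }],
}, separators=(",", ":"))
_LARGE_DOC = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "delivery.logs.amazonaws.com"},
        "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
        "Resource": [
            f"arn:aws:logs:ap-southeast-1:123456789012:log-group:/aws/vendedlogs/states/constructed-sm-{i:02d}:*"
            for i in range(60)
        ],
    }],
}, separators=(",", ":"))
SAMPLE_OUTPUT = json.dumps({"resourcePolicies": [
    {"policyName": "AWSLogDeliveryWrite20150319", "policyDocument": _SMALL_DOC, "lastUpdatedTime": 1600000000000},
    {"policyName": "constructed-oversized-policy", "policyDocument": _LARGE_DOC, "lastUpdatedTime": 1600000000000},
]})


def policy_sizes(describe_output: str) -> list[tuple[str, int]]:
    """Return (policyName, character count of policyDocument) for each resource policy."""
    data = json.loads(describe_output)
    return [(p["policyName"], len(p["policyDocument"])) for p in data.get("resourcePolicies", [])]


def oversized_policies(describe_output: str, limit: int = RESOURCE_POLICY_CHAR_LIMIT) -> list[str]:
    """Names of resource policies whose document already exceeds the limit."""
    return [name for name, size in policy_sizes(describe_output) if size > limit]


if __name__ == "__main__":
    # Pipe real output in (aws logs describe-resource-policies | python3 check.py) or run on the sample.
    raw = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_OUTPUT
    for name, size in policy_sizes(raw):
        print(f"{name}: {size} chars {'OVER' if size > RESOURCE_POLICY_CHAR_LIMIT else 'ok'}")
```

A policy that is close to the limit but not yet over it can still block a new state machine, because the logging setup adds that state machine's log group to the same document.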

nakajiak commented 1 year ago

If you still have problems please reopen