cloudposse/terraform-aws-cloudwatch-logs (cloudposse/cloudwatch-logs/aws)
### [`v0.6.8`](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/releases/tag/v0.6.8)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/compare/0.6.7...v0.6.8)
#### ๐ Enhancements
Fix mistake in policy. Part2 @ramses999 (#39)
#### what
This is just a continuation of the fix [https://github.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38).
Prod environment tested. That's how it works correctly.
### [`v0.6.7`](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/releases/tag/0.6.7)
[Compare Source](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/compare/0.6.6...0.6.7)
#### ๐ Enhancements
Fix mistake in policy @ramses999 (#38)
#### what
Fix mistake in policy
#### why
The policy is created simply by ARN without the ":" construct, which is necessary to create the correct policy for the role.
Without this ":" construct, the policy is created, but it does not work correctly.
This error was discovered when I tried to create a cloudwatch group in the cloudtrail module.
I got the response "Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Access denied. Verify in IAM that the role has adequate permissions."
After studying the code, I realized that I need to add the construction ":*" in a couple of lines.
My solution looks like this, I need to replace the lines in [file](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf) :
This line:
join("", aws_cloudwatch_log_group.default.*.arn),
replaced by
"${join("", aws_cloudwatch_log_group.default.*.arn)}:\*"
You need to do this in both identical lines.
Perhaps you can suggest a better solution, I'm new to terraforming.
#### references
[https://github.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37)
https://github.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf#L55
Configuration
๐ Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
๐ฆ Automerge: Disabled by config. Please merge this manually once you are satisfied.
โป Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
๐ Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
0.6.6->0.6.8Release Notes
cloudposse/terraform-aws-cloudwatch-logs (cloudposse/cloudwatch-logs/aws)
### [`v0.6.8`](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/releases/tag/v0.6.8) [Compare Source](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/compare/0.6.7...v0.6.8) #### ๐ EnhancementsFix mistake in policy. Part2 @ramses999 (#39)
#### what This is just a continuation of the fix [https://github.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/pull/38). Prod environment tested. That's how it works correctly.Fix mistake in policy @ramses999 (#38)
#### what Fix mistake in policy #### why The policy is created simply by ARN without the ":" construct, which is necessary to create the correct policy for the role. Without this ":" construct, the policy is created, but it does not work correctly. This error was discovered when I tried to create a cloudwatch group in the cloudtrail module. I got the response "Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Access denied. Verify in IAM that the role has adequate permissions." After studying the code, I realized that I need to add the construction ":*" in a couple of lines. My solution looks like this, I need to replace the lines in [file](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf) : This line: join("", aws_cloudwatch_log_group.default.*.arn), replaced by "${join("", aws_cloudwatch_log_group.default.*.arn)}:\*" You need to do this in both identical lines. Perhaps you can suggest a better solution, I'm new to terraforming. #### references [https://github.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37](https://togithub.com/cloudposse/terraform-aws-cloudwatch-logs/issues/37) https://github.com/cloudposse/terraform-aws-cloudwatch-logs/blob/master/iam.tf#L55Configuration
๐ Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
๐ฆ Automerge: Disabled by config. Please merge this manually once you are satisfied.
โป Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
๐ Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.