Closed flaaming-sideburns closed 3 years ago
Good catch, it's interesting that the lambda function is now trying to list access points in EFS.
@janiflaaming since you already have the fix ready, would mind sending us a PR?
I tried that but I'm getting some error with the permissions:
`vsp@vsp-Virtual-Machine:~/projects/terraform-aws-datadog$ git push --set-upstream origin add-missing-iam-permissions ERROR: Permission to scribd/terraform-aws-datadog.git denied to janiflaaming. fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.`
Created pull request https://github.com/scribd/terraform-aws-datadog/pull/18
Fixed by #18
Datadog Lambda Forwarder 3.17.0 with version v1.3.0 is causing following errors: 1) User: arn:aws:sts::XXX:assumed-role/datadog-integration-role/vault-app3.eu1.prod.dog-datadog-delancie-crawler is not authorized to perform: states:ListStateMachines on resource: arn:aws:states:XXX:XXX:stateMachine:*
2) User: arn:aws:sts::XXX:assumed-role/datadog-integration-role/vault-app3.eu1.prod.dog-datadog-delancie-crawler is not authorized to perform: elasticfilesystem:DescribeAccessPoints on the specified resource
This could be resolved by adding following rows to main.tf: `@@ -76,6 +76,7 @@ resource "aws_iam_policy" "datadog-core" { "elasticfilesystem:DescribeAccessPoints", @@ -115,6 +116,7 @@ resource "aws_iam_policy" "datadog-core" { "states:ListStateMachines",