I'm trying to set up a Lambda function that will process a file when it's uploaded to an S3 bucket. I need a way to see the output of console.log
when I uploa
Logs may not be in us-east-1; try looking for Lambda edge logs in different regions!
As other answers state, you need to give Lambda permission to post logs to CloudWatch Logs. AWS has provided the AWSLambdaExecute policy just for that. Its JSON is:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "logs:*"
          ],
          "Resource": "arn:aws:logs:*:*:*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetObject",
            "s3:PutObject"
          ],
          "Resource": "arn:aws:s3:::*"
        }
      ]
    }
You can add this policy in your role which is assigned to your lambda and you should start seeing the logs.
NOTE: It also has S3 read/write access. If you do not want it you can create a custom policy with just the logs part.
Maybe a bit late, but for those who still struggle with seeing the Lambda logs in CloudWatch: I noticed this regarding the Lambda function's execution role: "You may use an existing role with this function. Note that the role must be assumable by Lambda and must have Cloudwatch Logs permissions." So in IAM I granted "CloudWatchLogsFullAccess" to the role I assigned to my function. Then in CloudWatch, under Logs, you'll see the logs for the functions assigned this role.
Apparently another necessity for logging to happen is that the Lambda function must indicate completion; for instance, in the Python context, the handler must return something other than None.
For the Lambda function to create a log stream and publish logs to CloudWatch, the Lambda execution role needs to have the following permissions:
    {
      "Statement": [
        {
          "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:logs:*:*:*"
        }
      ]
    }
Please refer to the following AWS documentation for more details http://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html#lambda-intro-execution-role
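An added example (not from any of the answers or from AWS): an offline check that an execution-role policy document grants the three logs actions listed above, and that flags the wildcard grants in the broader policy quoted earlier. The function name, the constructed S3-only policy and its bucket name are assumptions; Deny statements, conditions and resource scoping of the required actions are not evaluated.

```python
import fnmatch
import json

# Actions the answer above lists as required for Lambda to write its logs.
REQUIRED = ("logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents")

# The two policies quoted on this page, plus a constructed S3-only role policy.
BROAD = ('{"Statement": [{"Effect": "Allow", "Action": ["logs:*"], "Resource": "arn:aws:logs:*:*:*"},'
         ' {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"], "Resource": "arn:aws:s3:::*"}]}')
MINIMAL = ('{"Statement": [{"Effect": "Allow", "Resource": "arn:aws:logs:*:*:*", "Action":'
           ' ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"]}]}')
S3_ONLY = ('{"Statement": {"Effect": "Allow", "Action": "s3:GetObject",'
           ' "Resource": "arn:aws:s3:::example-upload-bucket/*"}}')

def _as_list(value):
    """IAM allows a single string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value or [])

def audit_policy(policy_json):
    """Return (missing_required_actions, overbroad_findings) for a policy document."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    allowed, findings = [], []
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or "NotAction" in stmt:
            continue  # Deny and NotAction statements are out of scope for this check
        actions = _as_list(stmt.get("Action"))
        allowed.extend(actions)
        for action in actions:
            if "*" in action:
                findings.append(f"wildcard action {action}")
        for res in _as_list(stmt.get("Resource")):
            if res == "*" or res.endswith(":::*"):
                findings.append(f"{'/'.join(actions)} allowed on every resource {res}")
    # IAM action matching is case-insensitive and supports * and ? wildcards.
    missing = [r for r in REQUIRED
               if not any(fnmatch.fnmatchcase(r.lower(), a.lower()) for a in allowed)]
    return missing, findings

if __name__ == "__main__":
    for name, policy in (("broad", BROAD), ("minimal", MINIMAL), ("s3-only", S3_ONLY)):
        missing, findings = audit_policy(policy)
        print(name, "missing:", missing, "over-broad:", findings)
```

A role whose policy reports missing actions is the case the answers describe: the function runs, but no log group or stream appears in CloudWatch.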
Make sure you have the full path of your "Existing role" in your lambda function "Configuration":
Role: Choose an existing role
Existing Role: service-role/yourRoleName
For some reason, typing only yourRoleName will work for some services (like SES) but not for CloudWatch.
Also, you may try creating a new role instead of using an existing one. This will create the role with the proper configuration (hopefully).