aws

An error occurred (InvalidParameterException) when calling the PutSubscriptionFilter operation: Could not execute the lambda function. Make sure you have given CloudWatch Logs permission to execute your function.

 CloudWatch logs から lambda subscription-filter しようとした際、以下のようなエラーになった。

An error occurred (InvalidParameterException) when calling the PutSubscriptionFilter operation: Could not execute the lambda function. Make sure you have given CloudWatch Logs permission to execute your function.

対処法は以下の通り lambda に対しパーミッションを追加する必要がある

aws --profile mfa  lambda add-permission --function-name "lambda function name"  \
--statement-id "lambdapermission-xxxxxxxxx-uniq"  \
--principal "logs.ap-northeast-1.amazonaws.com"  \
--action "lambda:InvokeFunction"  \
--source-arn "arn:aws:logs:ap-northeast-1:1234567890:log-group:/aws/lambda/hogehoge-lambda-function:*"  \
--source-account "1234567890" --region=ap-northeast-1