A newer version is available. For the latest information, see the current release documentation.
« Permissions and policies Use AWS Secrets Manager »
Elastic Docs Observability Guide [7.17] Send data to Elasticsearch Elastic Serverless Forwarder for AWS Configuration options for Elastic Serverless Forwarder Permissions and policies

Lambda resource-based policy for CloudWatch Logs subscription filter input

edit
Lambda resource-based policy for CloudWatch Logs subscription filter input
edit

For CloudWatch Logs subscription filter log group resources that you want to use as triggers for the forwarder, the following is allowed as a resource-based policy in separate Policy statements:

  * Principal: logs.%AWS_REGION%.amazonaws.com
  * Action: lambda:InvokeFunction
  * Source ARN: arn:aws:logs:%AWS_REGION%:%AWS_ACCOUNT_ID%:log-group:%LOG_GROUP_NAME%:*
« Permissions and policies Use AWS Secrets Manager »