A newer version is available. For the latest information, see the
current release documentation.
Lambda resource-based policy for CloudWatch Logs subscription filter input
editLambda resource-based policy for CloudWatch Logs subscription filter input
editFor CloudWatch Logs subscription filter log group resources that you want to use as triggers for the forwarder, the following is allowed as a resource-based policy in separate Policy statements:
* Principal: logs.%AWS_REGION%.amazonaws.com * Action: lambda:InvokeFunction * Source ARN: arn:aws:logs:%AWS_REGION%:%AWS_ACCOUNT_ID%:log-group:%LOG_GROUP_NAME%:*