From 98971a4c05575906066588942352e9ee0d671df7 Mon Sep 17 00:00:00 2001 From: Anders Emil Salvesen Date: Sat, 6 Dec 2025 23:49:25 +0100 Subject: [PATCH] Fix syntax for cloudtrail_org s3 and lambda lists cloudtrail-org fails with: ``` This Custom::LambdaCustomResource resource is in a CREATE_FAILED state. Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:s3:::* for DataResources.Values is invalid. ``` and: ``` Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:lambda:* for DataResources.Values is invalid. ``` Fixing this by correcting the syntax. --- .../solutions/cloudtrail/cloudtrail_org/lambda/src/app.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws_sra_examples/solutions/cloudtrail/cloudtrail_org/lambda/src/app.py b/aws_sra_examples/solutions/cloudtrail/cloudtrail_org/lambda/src/app.py index 41cd9a54..a7802b09 100644 --- a/aws_sra_examples/solutions/cloudtrail/cloudtrail_org/lambda/src/app.py +++ b/aws_sra_examples/solutions/cloudtrail/cloudtrail_org/lambda/src/app.py @@ -144,14 +144,14 @@ def get_data_event_config( } event_list: list = [] if enable_s3_data_events: - s3_data_resource: DataResourceTypeDef = {"Type": "AWS::S3::Object", "Values": [f"arn:{aws_partition}:s3:::*"]} + s3_data_resource: DataResourceTypeDef = {"Type": "AWS::S3::Object", "Values": [f"arn:{aws_partition}:s3:::"]} event_list.append(s3_data_resource) LOGGER.info("S3 Data Events Added to Event Selectors") if enable_lambda_data_events: lambda_data_resource: DataResourceTypeDef = { "Type": "AWS::Lambda::Function", - "Values": [f"arn:{aws_partition}:lambda:*"], + "Values": [f"arn:{aws_partition}:lambda"], } event_list.append(lambda_data_resource) LOGGER.info("Lambda Data Events Added to Event Selectors")