Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When creating resource "aws_cloudwatch_log_subscription_filter", expected permissions required should not include "logs:DesribeLogGroups". #12124

Open
ghost opened this issue Feb 21, 2020 · 1 comment
Open

When creating resource "aws_cloudwatch_log_subscription_filter", expected permissions required should not include "logs:DesribeLogGroups". #12124

ghost opened this issue Feb 21, 2020 · 1 comment
Labels
service/cloudwatch Issues and PRs that pertain to the cloudwatch service. waiting-response Maintainers are waiting on response from community or contributor.

Comments

@ghost
Copy link

ghost commented Feb 21, 2020

This issue was originally opened by @haleoanodon as hashicorp/terraform#24182. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

0.12.21

Terraform Configuration Files

resource "aws_cloudwatch_log_subscription_filter" "log_subscription_filter" {
    name = "..."
    log_group_name = "/aws/lambda/debuggingexample"
    filter_pattern  = "\"Task timed out\""
    destination_arn = "..."
}

Debug Output

Crash Output

Expected Behavior

Expected adding a subscription filter should require the specific log group to add it to.

Actual Behavior

In addition to requiring the specific log group to add it to, terraform requires listing all the log groups

Steps to Reproduce

terraform init
terraform plan
terraform apply

Additional Context

References
@ghost ghost added service/cloudwatchlogs service/cloudwatch Issues and PRs that pertain to the cloudwatch service. labels Feb 21, 2020
@ghost ghost mentioned this issue Feb 21, 2020
Closed
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Feb 21, 2020
@justinretzolk
Copy link
Member

Hey @haleoanodon 👋 Thank you for taking the time to file this issue! Given that there's been a number of AWS provider releases since you initially filed it, can you confirm whether or not you're still experiencing this behavior?

@justinretzolk justinretzolk added waiting-response Maintainers are waiting on response from community or contributor. and removed needs-triage Waiting for first response or review from a maintainer. labels Oct 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/cloudwatch Issues and PRs that pertain to the cloudwatch service. waiting-response Maintainers are waiting on response from community or contributor.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@justinretzolk @hc-github-team-terraform-aws