When creating resource "aws_cloudwatch_log_subscription_filter", expected permissions required should not include "logs:DesribeLogGroups". #12124
Labels
service/cloudwatch
Issues and PRs that pertain to the cloudwatch service.
waiting-response
Maintainers are waiting on response from community or contributor.
This issue was originally opened by @haleoanodon as hashicorp/terraform#24182. It was migrated here as a result of the provider split. The original body of the issue is below.
Terraform Version
Terraform Configuration Files
Debug Output
Crash Output
Expected Behavior
Expected adding a subscription filter should require the specific log group to add it to.
Actual Behavior
In addition to requiring the specific log group to add it to, terraform requires listing all the log groups
Steps to Reproduce
terraform init
terraform plan
terraform apply
Additional Context
References
The text was updated successfully, but these errors were encountered: