Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it. #18038

manojchandrabss · 2021-03-11T06:09:05Z

Hi,

I'm getting InvalidCloudWatchLogsLogGroupArnException error. I'm not sure why it is failing. everything looks good.
Please help me to resolve this issue.

Terraform v0.12.23

provider.archive v1.3.0
provider.aws v3.30.0
provider.firebom v0.5.2
provider.vault v2.13.0

resource "aws_cloudtrail" "new_account_cloudtrail" {
  name                          = "NewAccountCloudtrail"
  s3_bucket_name                = aws_s3_bucket.bucket_lambda_log.id
  s3_key_prefix                 = "cloudtrail"
  include_global_service_events = false

  depends_on = [
    aws_s3_bucket_policy.force_ssl_only_access_lambda_log,
    aws_iam_role.role_new_accounts_cloudwatch,
    aws_cloudwatch_log_group.new_accounts_log_group
  ]
  cloud_watch_logs_role_arn  = "${aws_iam_role.role_new_accounts_cloudwatch.arn}"
  cloud_watch_logs_group_arn = "${aws_cloudwatch_log_group.new_accounts_log_group.arn}:*"

  provider = aws.region

  tags       = var.platform_mandatory_tags
  kms_key_id = aws_kms_key.new_account_key.arn

  event_selector {
    read_write_type           = "All"
    include_management_events = false

    data_resource {
      type   = "AWS::Lambda::Function"
      values = [aws_lambda_function.new_accounts_function.arn]
    }
  }
}

Error below:

[INFO] Running Terraform apply...
aws_cloudtrail.new_account_cloudtrail: Modifying... [id=NewAccountCloudtrail]

Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it.

  on cloudtrail.tf line 1, in resource "aws_cloudtrail" "new_account_cloudtrail":
   1: resource "aws_cloudtrail" "new_account_cloudtrail" {

The text was updated successfully, but these errors were encountered:

ljluestc · 2023-10-21T19:17:16Z


resource "aws_cloudtrail" "new_account_cloudtrail" {
  name                          = "NewAccountCloudtrail"
  s3_bucket_name                = aws_s3_bucket.bucket_lambda_log.id
  s3_key_prefix                 = "cloudtrail"
  include_global_service_events = false

  depends_on = [
    aws_s3_bucket_policy.force_ssl_only_access_lambda_log,
    aws_iam_role.role_new_accounts_cloudwatch,
    aws_cloudwatch_log_group.new_accounts_log_group
  ]
  cloud_watch_logs_role_arn  = aws_iam_role.role_new_accounts_cloudwatch.arn
  cloud_watch_logs_group_arn = aws_cloudwatch_log_group.new_accounts_log_group.arn

  provider = aws.region

  tags       = var.platform_mandatory_tags
  kms_key_id = aws_kms_key.new_account_key.arn

  event_selector {
    read_write_type           = "All"
    include_management_events = false

    data_resource {
      type   = "AWS::Lambda::Function"
      values = [aws_lambda_function.new_accounts_function.arn]
    }
  }
}

ghost added the service/cloudtrail Issues and PRs that pertain to the cloudtrail service. label Mar 11, 2021

github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Mar 11, 2021

breathingdust added question A question about existing functionality; most questions are re-routed to discuss.hashicorp.com. and removed needs-triage Waiting for first response or review from a maintainer. labels Sep 8, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it. #18038

Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it. #18038

manojchandrabss commented Mar 11, 2021

ljluestc commented Oct 21, 2023 •

edited

Loading

Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it. #18038

Error: Error updating CloudTrail: InvalidCloudWatchLogsLogGroupArnException: Check the log group ARN: CloudTrail can't validate it. #18038

Comments

manojchandrabss commented Mar 11, 2021

ljluestc commented Oct 21, 2023 • edited Loading

ljluestc commented Oct 21, 2023 •

edited

Loading