要为Lambda函数LogsToElasticsearch_opensearch添加CloudWatch Logs触发器并指定日志组,您可以使用以下命令:

aws logs put-resource-policy \
    --policy-name "LambdaLogsToElasticsearch_opensearch" \
    --policy-document '{
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "LambdaLogsToElasticsearch_opensearch",
                "Effect": "Allow",
                "Principal": {
                    "Service": "lambda.amazonaws.com"
                },
                "Action": "logs:CreateLogStream",
                "Resource": "arn:aws:logs:REGION:ACCOUNT_ID:log-group:LOG_GROUP_NAME:*"
            },
            {
                "Sid": "LambdaLogsToElasticsearch_opensearch",
                "Effect": "Allow",
                "Principal": {
                    "Service": "lambda.amazonaws.com"
                },
                "Action": "logs:PutLogEvents",
                "Resource": "arn:aws:logs:REGION:ACCOUNT_ID:log-group:LOG_GROUP_NAME:*:*"
            }
        ]
    }'

请将以下内容替换为您的实际值:

  • REGION - 日志组所在的AWS区域。
  • ACCOUNT_ID - 您的AWS账户ID。
  • LOG_GROUP_NAME - 要添加Lambda触发器的日志组名称。

这将创建一个名为"LambdaLogsToElasticsearch_opensearch"的资源策略,允许Lambda函数访问指定的日志组。然后,您可以使用AWS管理控制台或AWS CLI将CloudWatch Logs触发器添加到Lambda函数,以将日志发送到Elasticsearch_opensearch

lambda函数LogsToElasticsearch_opensearch的cloudwatch logs trigger添加日志组的的命令

原文地址: https://www.cveoy.top/t/topic/hKKr 著作权归作者所有。请勿转载和采集!

免费AI点我,无需注册和登录