IAM Policy to use the CloudWatch Logs feature

So I have followed the getting started guide and the instructions on the '/app/kibana#/home/tutorial/cloudwatchLogs?_g=()' page, but when deploying the CloudFormation stack, I keep getting permission errors that are not outlined in any of the guides.

Can someone share the policy they used?

Every time I incur a permissions error, I delete the stack and redploy, finding new errors.

For instance, at one point I didn't have the 'IAM:GetRole' permission. I fixed that, then I needed the 'iam:CreateRole' permission. Then the 'logs:CreateLogGroup'

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.