Lambda functions should have logging enabled
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
Lambda functions should have proper logging permissions to send logs to CloudWatch Logs for monitoring, debugging, and security auditing purposes. This check validates that the execution role has either the AWS managed logging policy or inline permissions for required CloudWatch Logs actions.
Attach the AWS managed policy AWSLambdaBasicExecutionRole to the Lambda execution role, or add inline permissions for logs:CreateLogGroup, logs:CreateLogStream, and logs:PutLogEvents. Refer to Sending Lambda function logs to CloudWatch Logs.
