cloudformation-template icon indicating copy to clipboard operation
cloudformation-template copied to clipboard

Published 20 hours ago verified publisher icon DataDog

Missing cloudwatch:TagResource permissions

Open billyshambrook opened this issue 1 year ago • 0 comments

Expected Behavior

Actual Behavior

Am getting the following error when executing the streams_main.yaml

Resource handler returned message: "Resource of type 'Stack set operation [00000000-0000-0000-0000-000000000000] was unexpectedly stopped or failed. status reason(s): [ResourceLogicalId:DatadogMetricStreamAllNamespaces, ResourceType:AWS::CloudWatch::MetricStream, ResourceStatusReason:Resource handler returned message: "Invalid request provided: User: arn:aws:sts::1234567890123:assumed-role/DatadogStreamStackSetExecutionRole/00000000-0000-0000-0000-000000000000 is not authorized to perform: cloudwatch:TagResource on resource: arn:aws:cloudwatch:ap-south-1:1234567890123:metric-stream/datadog-metrics-stream because no identity-based policy allows the cloudwatch:TagResource action" (RequestToken: 00000000-0000-0000-0000-000000000000, HandlerErrorCode: InvalidRequest).]' with identifier 'DatadogStreams:00000000-0000-0000-0000-000000000000' did not stabilize." (RequestToken: 00000000-0000-0000-0000-000000000000, HandlerErrorCode: NotStabilized)

Steps to Reproduce the Problem

Specifications

  • Datadog CloudFormation template version:

Stacktrace

Paste here

billyshambrook avatar May 19 '23 23:05 billyshambrook