aws-security-reference-architecture-examples
aws-security-reference-architecture-examples copied to clipboard
aws-samples
[BUG] InvalidEventSelectorsException when calling the PutEventSelectors operation
Describe the bug
When running the sra-easy-setup with the CloudTrail solution, and these parameters set:
- parameter_key: pEnableLambdaDataEvents
parameter_value: "true"
- parameter_key: pEnableS3DataEvents
parameter_value: "true"
the CloudTrail stack creation fails with this error:
This Custom::LambdaCustomResource resource is in a CREATE_FAILED state.
Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:s3:::* for DataResources.Values is invalid.
and:
Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:lambda:* for DataResources.Values is invalid.
To Reproduce
Steps to reproduce the behavior:
Run the sra-easy-setup with the CloudTrail solution on an empty organization with ControlTower and CfCT, and these parameters set:
- parameter_key: pEnableLambdaDataEvents
parameter_value: "true"
- parameter_key: pEnableS3DataEvents
parameter_value: "true"
Expected behavior
The trail with lambda and s3 events should be created.
Screenshots
If applicable, add screenshots to help explain your problem.
Deployment Environment (please complete the following information)
- Deployment Framework: Customizations for Control Tower
- Deployment Framework Version: 2.8.3
Additional context
Add any other context about the problem here.
