aws-security-reference-architecture-examples icon indicating copy to clipboard operation
aws-security-reference-architecture-examples copied to clipboard
verified publisher icon aws-samples

Fix syntax for cloudtrail_org s3 and lambda lists

Open andersem opened this issue 1 month ago • 0 comments

When running the sra-easy-setup with the CloudTrail solution, and these parameters set:

- parameter_key: pEnableLambdaDataEvents
  parameter_value: "true"
- parameter_key: pEnableS3DataEvents
  parameter_value: "true"

the CloudTrail stack creation fails with this error:

This Custom::LambdaCustomResource resource is in a CREATE_FAILED state.

Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:s3:::* for DataResources.Values is invalid.

and:

Received response status [FAILED] from custom resource. Message returned: An error occurred (InvalidEventSelectorsException) when calling the PutEventSelectors operation: Value arn:aws:lambda:* for DataResources.Values is invalid.

Fixing this by correcting the syntax.

Fixes https://github.com/aws-samples/aws-security-reference-architecture-examples/issues/335

By submitting this pull request, I confirm that my contribution is made under the terms of the [Apache 2.0 license].

Apache 2.0 License

andersem avatar Dec 07 '25 00:12 andersem