Probably, if you are reading this article, you are facing the following bug after you've run a Task or Service in ECS:
ResourceInitializationError: failed to validate logger args: create stream has been retried 1 times: failed to create Cloudwatch log stream: ResourceNotFoundException: The specified log group does not exist. : exit status 1
This is happening because your task doesn't have permission to create the CloudWatch Log. To fix it, you must make changes using the JSON format definition. The first one is to add the following line in the logConfiguration
section:
"awslogs-create-group": "true"
It will look like this:
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-create-group": "true",
"awslogs-group": "/YOUR_CLOUD_WATCH_LOCATION",
"awslogs-region": "YOUR_AWS_REGION",
"awslogs-stream-prefix": "ecs"
}
}
The second change, you must add a new inline policy to the role that is running your task (check in the Task definition).
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup"
],
"Resource": "*"
}
]
}
That's all that you need. After you make these changes, your task or service should start running as expected.
Top comments (0)