From 03a5f690207ee57a089a24d0264bf038005bf69b Mon Sep 17 00:00:00 2001
From: aloftus23 <79927030+aloftus23@users.noreply.github.com>
Date: Fri, 29 Sep 2023 09:22:25 -0400
Subject: [PATCH] Give lambdas readonly access of cloudwatch logs (#2263)

---
 backend/serverless.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/backend/serverless.yml b/backend/serverless.yml
index 825aafd00..2dcfc03ec 100644
--- a/backend/serverless.yml
+++ b/backend/serverless.yml
@@ -57,6 +57,18 @@ provider:
             - s3:PutObject
             - s3:PutObjectAcl
           Resource: '*'
+        - Effect: Allow
+          Action:
+            - logs:Describe*,
+            - logs:Get*,
+            - logs:List*,
+            - logs:StartQuery,
+            - logs:StopQuery,
+            - logs:TestMetricFilter,
+            - logs:FilterLogEvents,
+            - logs:StartLiveTail,
+            - logs:StopLiveTail
+          Resource: '*'
 
 functions:
   - ${file(./src/tasks/functions.yml)}