Troubleshooting a Terraform Apply failing due to a CloudWatch Logs role ARN must be set error
Journey: 📊 Community Builder 📊
Subject matter: 💡 Troubleshooting 💡
Task: Troubleshooting a Terraform Apply failing due to a CloudWatch Logs role ARN must be set error
While working on a build to deploy a REST API using API Gateway linked here, the Terraform apply failed mid-way through. The code base for this project is probably the largest I have worked with so far, with hundreds of lines of config to work through.
Problem observed:
When running the Terraform Apply, I encountered this error:
“CloudWatch Logs role ARN must be set in account settings to enable logging”
Investigations:
After some investigations online, I decided a quick way to fix the issue was to do it manually using the fix listed here.
This was great and would have worked, but as I could not resume my Terraform state I had to destroy the environment again before I could recreate it.
This gave me a problem as I was then destroying the environment that had my manual fix within.
The only way to get this working was to add to the Terraform config.
I performed some further troubleshooting and managed to find a way forward!
Fix required:
This is the code I needed to add:
When I attempt to paste the code into this page it does not format correctly unfortunately, however you can copy the code from here.
But where to introduce it!?
I then needed to locate where to add the new code to.
After checking back at the error seen in the Terraform apply stage, I realised it was deep in the api_gateway.tf file… around line 360!
I updated my templates as follows:
Template update area:
Terraform creation success:
If this post helps just one other person, it has served its purpose well!