DEVHIDE
Login Or Sign up

ECS awslogs Log group not being created for Task

12.4k Views Asked by At

Here's part of my task definition:

"logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "/ecs/main-frontend-production-php",
        "awslogs-region": "us-west-1",
        "awslogs-stream-prefix": "ecs",
        "awslogs-create-group": "true"
      }
    },

If I go view the task in the aws console it says the log driver is awslogs and to "View logs in cloudwatch" as soon as I click that I get an error: There was an error getting log events. The specified log group does not exist. and there are no logs.

Kind of at a loss, it seems like from this: https://docs.aws.amazon.com/AmazonECS/latest/userguide/using_awslogs.html that I'm doing it right?

Right now my tasks are stuck in "PENDING" and I have no logs to go off of to find out why.

amazon-web-services amazon-ecs amazon-cloudwatch ecs-taskdefinition
Original Q&A
3

There are 3 best solutions below

1
On BEST ANSWER

Ok I finally figured this one out. The reason I had no cloud watch logs was because the image was not getting pulled from ECR. I was always under the impression that "latest" was some magical docker tag. Apparently it's not and I have to actually tag it latest for it to find it.

I think the cloudwatch logs would have been working all along, but the image couldn't get pulled, so there were no logs to speak of.

1
On

This will occur as the result of invalid permissions to write to CloudWatch logs.

You must attach permissions to the role you are using.

Follow the Using CloudWatch Logs with container instances documentation if you're unsure of how to do this.

0
On

The possible reason that causes this error as the error seems like the container instance able to get the list of Log group.

  • Make sure the container and log group are in the same region us-west-1.
  • Make sure the container has permission to create a log group
  • Just to narrow down the problem just create log-group /ecs/main-frontend-production-php using aws cli or aws console so you will know the actual reason as it because of region or permission.
aws logs create-log-group --log-group-name /ecs/main-frontend-production-php --region us-west-1

policy should look like

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogStreams"
            ],
            "Resource": [
                "arn:aws:logs:*:*:*"
            ]
        }
    ]
}

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-ECS

Related Questions in AMAZON-CLOUDWATCH

Related Questions in ECS-TASKDEFINITION

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.