aws-eks: CloudWatch Logs Resource Policy Size Exceeded for Cluster Resource Provider #28744
Description
Describe the bug
When deploying an EKS cluster, running into error for the Cluster Resource Provider, stating "the CloudWatch Logs Resource Policy size was exceeded. We suggest prefixing your CloudWatch log group name with /aws/vendedlogs/states/"
Expected Behavior
Successful deployment of EKS cluster resource provider
Current Behavior
EKS Cluster is failing
Logical ID - Providerwaiterstatemachine
Status Reason - Resource handler returned message: "Invalid Logging Configuration: The CloudWatch Logs Resource Policy size was exceeded. We suggest prefixing your CloudWatch log group name with /aws/vendedlogs/states/. (Service: AWSStepFunctions; Status Code: 400; Error Code: InvalidLoggingConfiguration;
Reproduction Steps
const cluster = new eks.Cluster(this, "TestCluster", {
version: eks.KubernetesVersion.V1_27,
mastersRole: clusterAdmin,
clusterName: props.clusterName,
defaultCapacity: 0,
vpc: this.vpc,
vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE_WITH_NAT }],
securityGroup: TestSecurityGroup,
});
Possible Solution
append CloudWatch log group with /aws/vendedlogs/states/
Additional Information/Context
I have tried multiple deployments int he account and the deployment was previously successful, until the deployment started failing. I've tried several more time int he same account and I run into the same error every time. However, deploying the same code in a different account works.
CDK CLI Version
2.114.0
Framework Version
No response
Node.js Version
20.10.0
OS
macos
Language
TypeScript
Language Version
No response
Other information
No response