Optimized for: Gemini / ChatGPT / Claude
Advanced AI Prompt for AWS IAM Policy for CloudWatch Logs with Log Group Restriction
Use this engineered prompt to drastically optimize your workflow and output.
Required Variables
- ✦
[LOG_GROUP_NAME] - ✦
[REGION] - ✦
[ACCOUNT_ID]
advanced-ai-prompt-cloudwatch-logs-least-privilege.txt
Generate a JSON IAM policy for an application that needs to write logs to CloudWatch. Restrict 'logs:CreateLogStream' and 'logs:PutLogEvents' to the specific log group 'arn:aws:logs:[REGION]:[ACCOUNT_ID]:log-group:[LOG_GROUP_NAME]:*'. Prevent the application from creating new log groups or deleting existing ones. This ensures the application cannot interfere with other logging streams.
Example Output
"The AI produces a precise policy limiting the 'Resource' field to the specific log group ARN, preventing global CloudWatch access."