Deployment to AWS fails with "resource limit exceeded"

Deployment fails with the following message if you attempt to deploy a Lambda function that reads from a CloudWatch log group that already has a subscription filter defined on it:

CREATE_FAILED, ResourceStatusReason: Resource limit exceeded

The AWS limit on subscription filters is one per log group. If you’ve already deployed a Lambda function that monitors the log group, even if you deleted the function, the filter subscription might still exist.

To resolve this issue, use the AWS logs describe-subscription-filters command on the log group. For example, if you’re using the AWS CLI, run:

aws logs describe-subscription-filters --log-group-name /aws/lambda/hello-world-python

The output will look something like:

{
    "subscriptionFilters": [
        {
            "filterPattern": "",
            "filterName": "fnb-cloudwatch-stack-fnbcloudwatch3SFawslambdahelloworldpython-11WH0BC1BM1NP",
            "creationTime": 1565194872642,
            "logGroupName": "/aws/lambda/hello-world-python",
            "destinationArn": "arn:aws:lambda:us-east-2:551009506772:function:cloudwatch",
            "distribution": "ByLogStream"
        }
    ]
}

If you’re no longer using the subscription filter, you can use the AWS logs delete-subscription-filter command to delete it. For example:

aws logs delete-subscription-filter --log-group-name /aws/lambda/hello-world-python --filter-name fnb-cloudwatch-stack-fnbcloudwatch3SFawslambdahelloworldpython-11WH0BC1BM1NP

Before attempting to redeploy the function, you might need to go to the CloudFormation console in AWS and delete the stack that Functionbeat created for the failed deployment.