# An error occurred (LimitExceededException) when calling the PutResourcePolicy operation: Resource policy limit reached for log group

- **ID:** `aws/cloudwatch-logs-resource-policy-limit`
- **Domain:** aws
- **Category:** resource_error
- **Error Code:** `LimitExceededException`
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

CloudWatch Logs resource policy size exceeds the 5120 character limit per account per region.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| cloudwatch-logs-2024 | active | — | — |
| aws-cli-2.16.0 | active | — | — |

## Workarounds

1. **List existing resource policies and remove unnecessary ones: aws logs describe-resource-policies. Then delete unused policies: aws logs delete-resource-policy --policy-name oldpolicy. Ensure total policy characters across all policies ≤ 5120.** (90% success)
   ```
   List existing resource policies and remove unnecessary ones: aws logs describe-resource-policies. Then delete unused policies: aws logs delete-resource-policy --policy-name oldpolicy. Ensure total policy characters across all policies ≤ 5120.
   ```
2. **Consolidate multiple resource policies into one by combining statements in a single policy document. Example: create a new policy with multiple statements using PutResourcePolicy.** (85% success)
   ```
   Consolidate multiple resource policies into one by combining statements in a single policy document. Example: create a new policy with multiple statements using PutResourcePolicy.
   ```

## Dead Ends

- **** — 删除日志组不会影响账户级别的资源策略限制。 (100% fail)
- **** — 更改保留期与资源策略配额无关。 (100% fail)