[英]AWS: Permissions for exporting logs from Cloudwatch to Amazon S3
[英]AWS Cloudformation How to send logs from CloudWatch Logs to S3
我想使用 Cloudformation 将 EC2 日志从 CloudWatch Logs 发送到 S3。 我收到以下消息 Error parsing ARN from given role or target (Service: AWSLogs; Status Code: 400; Error Code: InvalidParameterException; Request ID: 357e76a9-5ade-48a6-8206-84092390602f; Proxy: null)
我不明白我下面的代码中哪一部分是错误的。 你可以帮帮我吗?
S3:
Type: 'AWS::S3::Bucket'
Properties:
BucketName: vocsample01
AccessControl: Private
CloudWatch 日志:
Type: 'AWS::Logs::Destination'
Properties:
DestinationName: vocsample01
DestinationPolicy: >
{"Version": "2012-10-17","Statement": [
{"Effect": "Allow","Action": "logs:*","Resource": "*"}]}
RoleArn: arn:aws:iam::009150350157:role/vocsample
TargetArn: arn:aws:s3:::vocsample0
S3不能是 Log destination 。 有效目的地是:
如果要将日志加载到 S3,则必须先设置 firehose:
CW Logs ---> Firehose ---> S3
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.