[英]AWS: Permissions for exporting logs from Cloudwatch to Amazon S3
[英]AWS Cloudformation How to send logs from CloudWatch Logs to S3
我想使用 Cloudformation 將 EC2 日志從 CloudWatch Logs 發送到 S3。 我收到以下消息 Error parsing ARN from given role or target (Service: AWSLogs; Status Code: 400; Error Code: InvalidParameterException; Request ID: 357e76a9-5ade-48a6-8206-84092390602f; Proxy: null)
我不明白我下面的代碼中哪一部分是錯誤的。 你可以幫幫我嗎?
S3:
Type: 'AWS::S3::Bucket'
Properties:
BucketName: vocsample01
AccessControl: Private
CloudWatch 日志:
Type: 'AWS::Logs::Destination'
Properties:
DestinationName: vocsample01
DestinationPolicy: >
{"Version": "2012-10-17","Statement": [
{"Effect": "Allow","Action": "logs:*","Resource": "*"}]}
RoleArn: arn:aws:iam::009150350157:role/vocsample
TargetArn: arn:aws:s3:::vocsample0
S3不能是 Log destination 。 有效目的地是:
如果要將日志加載到 S3,則必須先設置 firehose:
CW Logs ---> Firehose ---> S3
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.