How do I resolve the "Write Not Enabled" error for Amazon S3 bucket access logs in Trusted Advisor?

Short description

After you activate Amazon S3 server access logging, additional modifications might result in login failures or a "Write Not Enabled" error. For more information, see Amazon S3 bucket logging.

Resolution

Because you activated S3 server access logging, you can ignore the "Write Not Enabled" error in Trusted Advisor. Or, you can activate access control lists (ACLs) for the S3 object Write and bucket ACL Read permissions.

Note: It's a best practice to deactivate ACLs unless you must individually control access for each object. You can create an S3 bucket policy to control access to every object in your bucket.

To activate an ACL for your S3 bucket, complete the following steps:

1. Open the Amazon S3 console, and then navigate to you bucket.
2. Choose the Permissions tab.
3. In Object Ownership, choose Edit.
4. Choose ACLs enable, and then select I acknowledge that ACLs will be restored.
5. For Object Ownership, select Bucket owner preferred, and then choose Save changes.
6. In Access control list (ACL), choose Edit.
7. For S3 log delivery group, select Write for the objects and Read for the bucket ACL.
8. Choose Save Changes.

For more information, see Grant permissions to the log delivery group by using a bucket ACL.