VPN Log enabled but no logs are generated

Hello,

Did you follow the steps outlined here; specifically the IAM section?

Hello,

The IAM permissions should have the below permissions, despite the admin access. Can you double check on the same ?

{ "Version": "2012-10-17", "Statement": [ { "Action": [ "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery", "logs:DeleteLogDelivery", "logs:ListLogDeliveries" ], "Resource": [ "*" ], "Effect": "Allow", "Sid": "S2SVPNLogging" }, { "Sid": "S2SVPNLoggingCWL", "Action": [ "logs:PutResourcePolicy", "logs:DescribeResourcePolicies", "logs:DescribeLogGroups" ], "Resource": [ "CloudWatch Logs log group ARN" ], "Effect": "Allow" } ] }

More Importantly: Please note that the VPN endpoints need to be upgraded to enable the feature and be on the latest software version. Please use Modify VPN connections on the console and click save without changing anything on the tunnel, so that the software can be updated for the feature to be enabled. please note that doing the same, will hamper VPN tunnel connectivity for the time the software is being updated, hence do the same action on the tunnels one by one.

Facing the same issue, Please let me know if you got to resolve this ?

Indeed, i have same policy attached to my user (admin one), and after that i refresh the endpoint as you mentioned but i doesnt see any new log created yet. btw, the only log created was this:

"Permissions are set correctly to allow AWS CloudWatch Logs to write into your logs while creating a subscription."

but anyone realted to the endpoints