S3 Access Denied error when running Greengrass V2 device tester (IDT)

0

While running IDT for my gateway device, I got the following error for the StreamManager component:

com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: XXXXXXXXXXXXXXX S3 Extended Request ID: XXXXXXXXXXXXXXX=; Proxy: null). {scriptName=services.aws.greengrass.StreamManager.lifecycle.startup.script, serviceName=aws.greengrass.StreamManager, currentState=RUNNING} 

The IDT script is creating the roles and S3 buckets on the fly, so it's not easy to debug via the AWS console. So I checked CloudTrail. But it seems data events (S3 upload) are not logged in CloudTrail. How can I investigate further?

2 Answers
0

Hello,

The CloudTrail Event History feature supports only management events. Data events do not show up in Event History; they are sent directly to the S3 bucket that is configured for logging the CloudTrail events. I would suggest configuring your CloudTrail to enable S3 data logging. You can enable data logging by following the steps given in the documentation [1].

Once data logging is enabled, you will be able to see the S3 data events being sent to the S3 bucket, which will help to understand which specific S3 API call is getting denied; according to that, we can check the permissions on the role/user calling that API.

In case you require resource specific troubleshooting, feel free to raise a case with AWS support team[2].

References
[1] https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
[2] https://us-east-1.console.aws.amazon.com/support/home?region=us-east-1#

AWS
Support Engineer
answered 2 years ago
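
Added example (not part of the answer above and not AWS code): once S3 data events are being delivered to the trail's bucket, a short script like this can scan a downloaded CloudTrail log file for denied S3 calls and report the API, caller ARN and bucket. The account ID, role, session, bucket and key values are constructed placeholders, and `_rec` is a hypothetical helper that only builds the sample records.

```python
import gzip
import json
from collections import Counter

# Placeholder caller ARN (assumption, not from the original question).
ROLE = "arn:aws:sts::111122223333:assumed-role/example-idt-role/example-session"

def _rec(name, error=None, source="s3.amazonaws.com", key="stream/0001"):
    """Build one constructed record using CloudTrail's field names."""
    rec = {"eventTime": "2024-01-01T10:00:00Z", "eventSource": source,
           "eventName": name,
           "userIdentity": {"type": "AssumedRole", "arn": ROLE},
           "requestParameters": {"bucketName": "example-idt-bucket", "key": key}}
    if error:
        rec["errorCode"] = error
    return rec

# Constructed sample in the log-file layout CloudTrail delivers: {"Records": [...]}.
SAMPLE = {"Records": [
    _rec("PutObject", "AccessDenied"),
    _rec("PutObject", "AccessDenied", key="stream/0002"),
    _rec("GetObject"),                                            # succeeded, ignored
    _rec("GetRole", "AccessDenied", source="iam.amazonaws.com"),  # not S3, ignored
    _rec("CreateMultipartUpload", "AccessDenied"),
]}

def load_records(raw: bytes) -> list:
    """Accept a log file as delivered (gzip) or already decompressed."""
    if raw[:2] == b"\x1f\x8b":          # gzip magic bytes
        raw = gzip.decompress(raw)
    return json.loads(raw).get("Records", [])

def denied_s3_calls(records):
    """Yield (api, caller_arn, bucket, key) for each denied S3 call."""
    for r in records:
        if r.get("eventSource") != "s3.amazonaws.com" or r.get("errorCode") != "AccessDenied":
            continue
        params = r.get("requestParameters") or {}   # field can be null
        ident = r.get("userIdentity") or {}
        yield (r.get("eventName"), ident.get("arn", ident.get("type", "unknown")),
               params.get("bucketName"), params.get("key"))

def summarize(records) -> Counter:
    """Count denials per (API call, caller ARN, bucket)."""
    return Counter((api, arn, bkt) for api, arn, bkt, _ in denied_s3_calls(records))

if __name__ == "__main__":
    blob = gzip.compress(json.dumps(SAMPLE).encode())
    for (api, arn, bkt), n in summarize(load_records(blob)).most_common():
        print(f"{n:3d}  {api:<22} bucket={bkt}  caller={arn}")
```

The API name and caller ARN in the output are what to compare against the IAM policy attached to the role.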
0

Are the proper permissions configured for the role you are using when running IDT?
You can find what permissions your role needs in Step 2: Configure permissions for IDT. There is a permission block called s3Resources which lists all the permissions IDT needs. https://docs.aws.amazon.com/greengrass/v2/developerguide/dev-tst-prereqs.html

Another possible cause is that the stream manager might be using the wrong credentials. For more information, you can look at Stream manager qualification errors in https://docs.aws.amazon.com/greengrass/v2/developerguide/idt-troubleshooting.html#stream-manager-qualification-failure

AWS
answered 2 years ago
