Hi. I'm following this document: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html#attach-bucket-policy
And I have adding the policy to my s3 bucket, but when I try to add it to the ALB I get the error: Access Denied for bucket: {bucket_name}. Please check S3bucket permission
Here are the permissions I have on the s3 bucket. This is all under the same account and in us-east-1. I'm not using a prefix. What am I doing wrong?
Thanks!
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::{account_id}:root"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::{bucket_name}/AWSLogs/{account_id}/*"
}
]
}