By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

ALB access logs s3 denied

0

Hi. I'm following this document: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html#attach-bucket-policy

And I have adding the policy to my s3 bucket, but when I try to add it to the ALB I get the error: Access Denied for bucket: {bucket_name}. Please check S3bucket permission

Here are the permissions I have on the s3 bucket. This is all under the same account and in us-east-1. I'm not using a prefix. What am I doing wrong?

Thanks!

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::{account_id}:root"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::{bucket_name}/AWSLogs/{account_id}/*"
        }
   ]
}
Topics
Security, Identity, & Compliance
Tags
AWS Identity and Access ManagementApplication Load Balancer
Language
English
Scot
asked 3 months ago201 views
1 Answer
0
Accepted Answer

I think I solved my issue. I thought both account numbers were the same, I didn't notice that we have standard ones for the ELB based on location. That fixed the issue.

Scot
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content