By using AWS re:Post, you agree to the Terms of Use
/S3 access logging/

S3 access logging


Hi team,

I enabled the Server access logging in my bucket and specified a destination bucket for logs,

the destination bucket is encrypted with SSE-KMS (using my own KMS KEY),

but noticed that the logs don't come to this destination log bucket

is there a missing step to do so I can see logs on the destination bucket?

Thank you!

1 Answers

Permissions need to be configured for log delivery. This might help:

answered 22 days ago
  • yea I already did that, still not working, seems KMs not supported??

  • Yes, the document says:

    You can use default bucket encryption on the target bucket only if you use AES256 (SSE-S3). Default encryption with AWS KMS keys (SSE-KMS) is not supported.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions