VPN Log enabled but no logs are generated

1

Hi y'all,

Recently I enabled this new feature on one of our VPNs (for both tunnels) using a delegated admin account. We already created the log group, but even when the tunnel is UP, or when it fails because of an on-prem issue, it doesn't record any activity:

https://aws.amazon.com/es/about-aws/whats-new/2022/08/aws-site-vpn-connection-logs-amazon-cloudwatch/

Does this feature only record logs for special conditions in both tunnels (static or BGP)? Or did I miss something?

Thanks and regards in advance,

Karlos
Asked 2 years ago, 1647 views
5 answers
1
Accepted answer

For this issue you need to create a Support case asking for a software version update for each tunnel endpoint; it seems it is not updated automatically by the "save without changing anything in the tunnel options" workaround.

Karlos
Answered 2 years ago
0

Hello,

Did you follow the steps outlined here, specifically the IAM section?

AWS
Expert
Answered 2 years ago
  • Even when the role I used is AdministratorAccess? Do I need to create a new role and attach it to my user?

0

Hello,

The IAM permissions should include the permissions below, despite the admin access. Can you double check this?

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "logs:CreateLogDelivery",
                "logs:GetLogDelivery",
                "logs:UpdateLogDelivery",
                "logs:DeleteLogDelivery",
                "logs:ListLogDeliveries"
            ],
            "Resource": [ "*" ],
            "Effect": "Allow",
            "Sid": "S2SVPNLogging"
        },
        {
            "Sid": "S2SVPNLoggingCWL",
            "Action": [
                "logs:PutResourcePolicy",
                "logs:DescribeResourcePolicies",
                "logs:DescribeLogGroups"
            ],
            "Resource": [ "CloudWatch Logs log group ARN" ],
            "Effect": "Allow"
        }
    ]
}

More importantly: please note that the VPN endpoints need to be upgraded to enable the feature and must be on the latest software version. Please use Modify VPN connection options in the console and click Save without changing anything on the tunnel, so that the software can be updated and the feature enabled. Please note that doing so will interrupt VPN tunnel connectivity for the time the software is being updated, so do this on the tunnels one by one.

AWS
Support Engineer
Answered 2 years ago
  • Already checked both: the IAM policy attached is right and I refreshed the tunnel options by saving without changing anything on the tunnel, but it still doesn't write to the log group.
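The two things the support engineer's answer asks the asker to verify (that the policy really grants the listed actions on the right resources, and that logging is actually enabled on each tunnel) can be checked offline before opening a case. The script below is an added example and is not code from this thread or from AWS: it evaluates a policy document against the actions quoted above and walks a describe-vpn-connections style response. The log group ARN, the VPN connection ID, the tunnel IPs and the sample policies are all constructed for illustration; the response shape follows the EC2 API's TunnelOptions[].LogOptions.CloudWatchLogOptions fields.

```python
"""Offline pre-checks for Site-to-Site VPN CloudWatch logging.

Added example, not from the thread. Inputs below are constructed.
"""
import fnmatch

# Actions from the policy quoted in the answer above, grouped by the
# resource they must be allowed on ("*" vs. the log group ARN).
DELIVERY_ACTIONS = (
    "logs:CreateLogDelivery", "logs:GetLogDelivery", "logs:UpdateLogDelivery",
    "logs:DeleteLogDelivery", "logs:ListLogDeliveries",
)
LOG_GROUP_ACTIONS = (
    "logs:PutResourcePolicy", "logs:DescribeResourcePolicies",
    "logs:DescribeLogGroups",
)


def _as_list(value):
    """IAM allows Action/Resource/Statement as a string, dict or list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _iam_match(pattern, value, fold=True):
    """IAM-style wildcard match ('*' and '?'); actions are case-insensitive."""
    if fold:
        pattern, value = pattern.lower(), value.lower()
    return fnmatch.fnmatchcase(value, pattern)


def missing_actions(policy, log_group_arn):
    """Return the required actions the policy does not effectively allow.

    An action is granted when an Allow statement matches both the action and
    the resource it is needed on, and no Deny statement matches it too.
    Assumption: only this one identity policy is in play (no SCPs, permission
    boundaries, session policies, or NotAction/NotResource statements).
    """
    needed = {a: "*" for a in DELIVERY_ACTIONS}
    needed.update({a: log_group_arn for a in LOG_GROUP_ACTIONS})
    allowed, denied = set(), set()
    for stmt in _as_list(policy.get("Statement")):
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        for action, resource in needed.items():
            act_hit = any(_iam_match(p, action) for p in actions)
            res_hit = any(_iam_match(r, resource, fold=False) for r in resources)
            if act_hit and res_hit:
                (allowed if stmt.get("Effect") == "Allow" else denied).add(action)
    return sorted(set(needed) - (allowed - denied))


def tunnels_not_logging(describe_response, log_group_arn):
    """List tunnels whose CloudWatch logging is off or aimed elsewhere.

    Returns (vpn_connection_id, outside_ip, reason) tuples; an empty list
    means every tunnel is configured as expected.
    """
    problems = []
    for conn in describe_response.get("VpnConnections", []):
        vpn_id = conn.get("VpnConnectionId", "?")
        for tunnel in conn.get("Options", {}).get("TunnelOptions", []):
            ip = tunnel.get("OutsideIpAddress", "?")
            cw = tunnel.get("LogOptions", {}).get("CloudWatchLogOptions", {})
            if not cw.get("LogEnabled"):
                problems.append((vpn_id, ip, "LogEnabled is false or unset"))
            elif cw.get("LogGroupArn") != log_group_arn:
                problems.append((vpn_id, ip, f"logs go to {cw.get('LogGroupArn')}"))
    return problems


# Constructed sample inputs (hypothetical account, log group and VPN).
LOG_GROUP_ARN = "arn:aws:logs:us-east-1:123456789012:log-group:/aws/vpn/site-to-site:*"

# The policy from the answer above, with its ARN placeholder filled in.
POLICY_FROM_ANSWER = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "S2SVPNLogging", "Effect": "Allow",
         "Action": list(DELIVERY_ACTIONS), "Resource": ["*"]},
        {"Sid": "S2SVPNLoggingCWL", "Effect": "Allow",
         "Action": list(LOG_GROUP_ACTIONS), "Resource": [LOG_GROUP_ARN]},
    ],
}

# A plausible mistake: the log-group statement is scoped to a different group.
NARROW_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "logs:*LogDeliver*", "Resource": "*"},
        {"Effect": "Allow", "Action": list(LOG_GROUP_ACTIONS),
         "Resource": "arn:aws:logs:us-east-1:123456789012:log-group:/other:*"},
    ],
}

# One tunnel logging to the right group, one with logging never enabled.
SAMPLE_DESCRIBE = {
    "VpnConnections": [{
        "VpnConnectionId": "vpn-0123456789abcdef0",
        "Options": {"TunnelOptions": [
            {"OutsideIpAddress": "203.0.113.10",
             "LogOptions": {"CloudWatchLogOptions": {
                 "LogEnabled": True, "LogGroupArn": LOG_GROUP_ARN,
                 "LogOutputFormat": "json"}}},
            {"OutsideIpAddress": "203.0.113.11",
             "LogOptions": {"CloudWatchLogOptions": {"LogEnabled": False}}},
        ]},
    }],
}

if __name__ == "__main__":
    print("missing (policy from answer):", missing_actions(POLICY_FROM_ANSWER, LOG_GROUP_ARN))
    print("missing (narrow policy):", missing_actions(NARROW_POLICY, LOG_GROUP_ARN))
    for vpn_id, ip, reason in tunnels_not_logging(SAMPLE_DESCRIBE, LOG_GROUP_ARN):
        print(f"{vpn_id} tunnel {ip}: {reason}")
```

Feed the second function the JSON from `aws ec2 describe-vpn-connections` and the first the output of `aws iam get-policy-version` to reproduce the checks against a real account. An empty result from both, as the asker reports, narrows the problem to the endpoint software version rather than to permissions or configuration.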

0

Facing the same issue. Please let me know if you got to resolve this?

Chander
Answered 2 years ago
  • It still persists, the same issue across different accounts, by the way.

0

Indeed, I have the same policy attached to my user (the admin one), and after that I refreshed the endpoint as you mentioned, but I don't see any new log created yet. By the way, the only log created was this:

"Permissions are set correctly to allow AWS CloudWatch Logs to write into your logs while creating a subscription."

but none related to the endpoints.

Karlos
Answered 2 years ago