Hi, I'm Ask INFA!
What would you like to know?
ASK INFAPreview
Please to access Ask INFA.
Error 404 Not Found

HTTP ERROR 404 Not Found

URI:/content/informaticadita-com/en_us/cloud-common-services/administrator/current-version/_advanced-clusters_administrator_current-version_ditamap/setting_up_amazon_web_services/step_7_create_iam_roles/create_or_reuse_a_log_access_policy_for_the_secure_agent_role/create_a_log_access_policy/_jcr_content/header/menupage.nocache.html/informaticadita-com/components/content/menu-hover
STATUS:404
MESSAGE:Not Found
SERVLET:org.apache.felix.http.base.internal.dispatch.DispatcherServlet-3dc2f56e
English
  •        
  • Administrator
  • Current Version
  • Advanced Clusters
    • Error 404 Not Found

    HTTP ERROR 404 Not Found

    URI:/content/informaticadita-com/en_us/cloud-common-services/administrator/current-version/_advanced-clusters_administrator_current-version_ditamap/setting_up_amazon_web_services/step_7_create_iam_roles/create_or_reuse_a_log_access_policy_for_the_secure_agent_role/create_a_log_access_policy/_jcr_content/navigation-bar/breadcrumb/timestamp.nocache.html/informaticadita-com/components/content/timestamp
    STATUS:404
    MESSAGE:Not Found
    SERVLET:org.apache.felix.http.base.internal.dispatch.DispatcherServlet-3dc2f56e
  • Administrator
  • All Products

Table of Contents

Search

  1. Preface
  2. Advanced clusters
  3. Setting up Amazon Web Services
  4. Setting up Google Cloud
  5. Setting up Microsoft Azure
  6. Setting up a self-service cluster
  7. Local cluster setup
  8. Advanced configurations
  9. Troubleshooting advanced clusters
  10. Appendix A: Command reference

Advanced Clusters

Advanced Clusters

Back Next

Create a log access policy

Create a log access policy

To create an IAM policy for log access, complete the following tasks in AWS:
  1. Create the following IAM policy named
    log_access_agent_policy
    : 
    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:GetEncryptionConfiguration",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::<cluster-logging-bucket-name1>"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObjectAcl",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::<cluster-logging-dir1>/*"
            ]
        }
    ]
}
    Specify the log location in the Resource elements.
  2. Attach the IAM policy
    log_access_agent_policy
     to the IAM role
    agent_role
    .
0 COMMENTS
We’d like to hear from you!