我正在尝试按照此文档 https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-access-logs.html 为 AWS 网络 ELB 配置访问日志
我指定了存储桶名称和前缀,然后选择了 Create this location for me
以下存储桶策略是为存储桶自动生成的
{
"Version": "2012-10-17",
"Id": "AWSConsole-AccessLogs-Policy-xxxxxxxxxxxxx",
"Statement": [
{
"Sid": "AWSConsoleStmt-xxxxxxxxxxxxx",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::xxxxxxxxxxxx:root"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::bucket_name/prefix/AWSLogs/123456789012/*"
},
{
"Sid": "AWSLogDeliveryWrite",
"Effect": "Allow",
"Principal": {
"Service": "delivery.logs.amazonaws.com"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::bucket_name/prefix/AWSLogs/123456789012/*",
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "bucket-owner-full-control"
}
}
},
{
"Sid": "AWSLogDeliveryAclCheck",
"Effect": "Allow",
"Principal": {
"Service": "delivery.logs.amazonaws.com"
},
"Action": "s3:GetBucketAcl",
"Resource": "arn:aws:s3:::bucket_name"
}
]
}
Bucket 已创建,但在
AWSLogs/xxxxxxxx
下没有生成任何日志文件。我在这里缺少什么吗?
最佳答案
来自:https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-access-logs.html
Access logs are created only if the load balancer has a TLS listener and they contain information only about TLS requests.
关于amazon-web-services - aws 网络 elb 不生成日志,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55734163/