ELB Logs on S3 Bucket

27 / Oct / 2014 by Vikash Jha 4 comments

Today we’ll be implementing an S3 bucket policy for storing multiple Elastic Load Balancer access logs on a single S3 bucket.

Instead of having a separate S3 bucket for each ELB’s access logs, we’ll create only one S3 bucket for storing the access logs of all ELBs.

This section is a step-by-step guide to configuring an S3 bucket for storing ELB logs.

Step1: Create S3 bucket
Step2: Attach a bucket policy to the S3 Bucket
Step3: Enable Access logs at the ELB

Step1: Create S3 bucket:

Let’s create an S3 bucket for storing our ELB logs.
S3 bucket: com.domainname.com.elb.logs

Let’s create a few folders inside our S3 bucket, e.g. myapp1, myapp2, myapp3, for storing the respective ELB access logs.

Step2: Attach a bucket policy to the S3 bucket.

You can use the bucket policy below for this purpose. You have to change certain parameters in this policy, such as the account number, bucket name and folder name, as per your setup.

{
  "Version": "2008-10-17",
  "Id": "Policy1413182823222",
  "Statement": [
    {
      "Sid": "Stmt1413182819426",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::ELB-REGION-ID:root"
      },
      "Action": "s3:PutObject",
      "Resource": [
        "arn:aws:s3:::com.domainname.com.elb.logs/myapp1/AWSLogs/XXXXXXXXXXXX/*",
        "arn:aws:s3:::com.domainname.com.elb.logs/myapp2/AWSLogs/XXXXXXXXXXXX/*",
        "arn:aws:s3:::com.domainname.com.elb.logs/myapp3/AWSLogs/XXXXXXXXXXXX/*"
      ]
    }
  ]
}

–> In place of ELB-REGION-ID, use the AWS account ID that Elastic Load Balancing uses in your ELB’s region: ‘127311923021’ if your ELB is in North Virginia and ‘156460612806’ if your ELB is in EU (Ireland). For the complete list of ELB region IDs, see http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/configure-s3-bucket.html

–> In the Resource section above, you have to use the format below:

 arn:aws:s3:::yourS3bucketname/prefix/AWSLogs/yourAWSAccountID/* 

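as we did:
yourS3bucketname: “com.domainname.com.elb.logs”
prefix: “myapp1”
AWSLogs: leave it as it is
yourAWSAccountID: your 12-digit AWS account number

Similarly, you can define multiple prefixes for multiple applications. Because each Resource entry ends in prefix/AWSLogs/yourAWSAccountID/*, the ELB account can only put objects under those paths and not elsewhere in the bucket.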

Step3: Enable Access logs at the ELB

Log in to the EC2 section -> browse to Load Balancers -> click on any load balancer -> Enable Access log [Edit].
This will ask you for your S3 bucket location with prefix.

Give the path of the S3 bucket: “com.domainname.com.elb.logs/myapp1”

Similarly for another ELB you can enable access log and use myapp2 folder.
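
As an added example (not code from the original post), the Python below generates the Step 2 policy for any list of prefixes and audits an existing policy for grants broader than the bucket/prefix/AWSLogs/account/* format. The function names are hypothetical, the keys us-east-1 and eu-west-1 stand for North Virginia and EU (Ireland), and only the two ELB account IDs quoted above are included.

```python
import json
import re

# Added example; helper names are illustrative. The ELB account IDs are the two
# quoted on this page; IDs for other regions are in the AWS doc it links.
ELB_ACCOUNT_IDS = {"us-east-1": "127311923021", "eu-west-1": "156460612806"}

def as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def build_policy(bucket, prefixes, account_id, region):
    """Build the Step 2 policy: one PutObject grant, one Resource per prefix."""
    if not re.fullmatch(r"\d{12}", account_id):
        raise ValueError("account_id must be the 12-digit AWS account number")
    return {
        "Version": "2008-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:aws:iam::{ELB_ACCOUNT_IDS[region]}:root"},
            "Action": "s3:PutObject",
            "Resource": [f"arn:aws:s3:::{bucket}/{p}/AWSLogs/{account_id}/*"
                         for p in prefixes],
        }],
    }

def audit_policy(policy_json, bucket, account_id):
    """Return findings for Allow statements broader than the page's format."""
    policy = json.loads(policy_json)  # a trailing comma or other bad JSON raises here
    scoped = re.compile(
        rf"arn:aws:s3:::{re.escape(bucket)}/[^*?]+/AWSLogs/{re.escape(account_id)}/\*")
    elb_roots = {f"arn:aws:iam::{i}:root" for i in ELB_ACCOUNT_IDS.values()}
    findings = []
    for n, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        principals = as_list(principal.get("AWS", "*") if isinstance(principal, dict)
                             else principal)
        for p in principals:
            if p not in elb_roots:
                findings.append(f"statement {n}: principal {p} is not an ELB account")
        for action in as_list(stmt.get("Action", "*")):
            if action != "s3:PutObject":
                findings.append(f"statement {n}: action {action} exceeds s3:PutObject")
        for res in as_list(stmt.get("Resource", "*")):
            if not scoped.fullmatch(res):
                findings.append(f"statement {n}: resource {res} is not prefix-scoped")
    return findings
```

Call build_policy with your bucket, prefixes and account number (a placeholder such as 123456789012 works for a dry run), then pass the JSON text of any policy to audit_policy; an empty list means every grant is limited to the ELB account, s3:PutObject and a prefix-scoped path.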


comments (4)

  1. getafterit

    Great article. Only suggestion is to make sure that you do it from a single browser. I had the S3 console open in one browser and the EC2 console open in another browser, and errors were being thrown.
