crossfeed icon indicating copy to clipboard operation
crossfeed copied to clipboard

Published 20 hours ago verified publisher icon cisagov

Fix logging for S3 buckets

Open epicfaace opened this issue 2 years ago • 4 comments

Our server access logs for S3 buckets aren't working. We need to set permissions for the log delivery group on the S3 logging bucket -- see https://repost.aws/knowledge-center/s3-server-access-log-not-delivered and https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_logging#example-usage.

epicfaace avatar May 08 '23 04:05 epicfaace

@epicfaace - I would need higher level permissions on the S3 buckets to address this

mbachtell-nais avatar May 10 '23 12:05 mbachtell-nais

We need to change this on Terraform, we shouldn't need to update this manually.

epicfaace avatar May 11 '23 01:05 epicfaace

My working assumption is that the logging for the servers should be placed in to the existing s3 buckets of:

  • cisa-crossfeed-prod-logging
  • cisa-crossfeed-staging-logging

Unless directed otherwise that is where I'm going to routing the txt files for the logs. There are gzip files in these directories already.

mbachtell-nais avatar May 11 '23 12:05 mbachtell-nais

@epicfaace will take this, then others will review it.

epicfaace avatar May 17 '23 12:05 epicfaace