Creating policy for the log bucket

To create a log bucket policy using the Ceph console, refer to the IBM Storage Ceph documentation. This section describes how to create the policy using the S3 API.

Method: PUT

API endpoint: http://<IP-of-CEPH-server>:<CEPH-RGW-Port>/<source-bucket-name>?logging

Where:

IP-of-CEPH-server - IP address of the Ceph server.
CEPH-RGW-Port - Port of the S3 gateway.
source-bucket-name - the source bucket on which you want to enable bucket logging.

API payload:

{

  "Version": "2012-10-17",

  "Statement": [

    {

      "Sid": "AllowLoggingFromSourceBucket",

      "Effect": "Allow",

      "Principal": {

        "Service": "logging.s3.amazonaws.com"

      },

      "Action": "s3:PutObject",

      "Resource": "arn:aws:s3:::<target-bucket-name>/*",

      "Condition": {

        "ArnLike": {

          "aws:SourceArn": "arn:aws:s3:::<source-bucket-name>"

        }

      }

    }

  ]

}

Where:

<target-bucket-name> is the bucket where target logs are generated.
<source-bucket-name> is the bucket where you want to enable bucket logging.

Creating policy for the log bucket

Feedback

Feedback