Enabling LB Logging via UI

  1. Ensure that Load balancer logging is enabled. The process might vary depending on the type of Load Balancers:
    1. Classic Load Balancer - https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html
    2. Application Load Balancer - https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#enable-access-logging

Enable access to the target S3 bucket

  1. The following policy should be added to Last9 user or IAM role.

    Where

    1. <bucket>: target S3 bucket
    2. <prefix>: target S3 bucket prefix, if any.
  2. From the main console, click on Identity & Access Management.

  3. From the IAM dashboard select the Policies section and then click the Create Policy **button.

  4. Paste the policy and fill in name of the S3 bucket and prefix, if any as used in Step-1

  5. Give a meaningful name to the policy and click on Create Policy - in this example, we gave the name access-lb-logs as the policy was tied to an AWS load balancer logging bucket. A similar name like access-apigw-logs can be provided for API Gateway logging bucket and so on.

  6. Go back to the Policies section, select the policy we just created, click on Policy Actions, and select Attach

  7. Select the Last9 user or IAM role to attach the policy to, and then click on Attach Policy