AWS: StackZone Central S3 Bucket
Centralized Logging within your log-archive account
Ryan Ware
Last Update 10 months ago
With StackZone, you will see that an account called "log-archive" has been set up within your AWS Organizations. Its purpose is to centralize all of the logs from all AWS accounts you have connected within the same OU.
StackZone creates a centralized logging S3 bucket for you called stackzone-logs-$account-$region, where $region is the Primary Region you declared when you first deployed StackZone.
By default the retention period is 180 days; after that, the data is moved to Glacier Flexible Retrieval, where it is stored for 7 years.
If you need to modify one of these values, log in to the StackZone Console, go to Provisioning > Core Accounts > Log Archive from the main menu, and locate the following card:
Frequently Asked Questions
How can I send additional logs to this central bucket from my other accounts?
You can do this by directing your S3 Bucket Logging Information to the bucket mentioned above. This is performed at the Bucket Creation stage within the "Logging Configuration" option.
If you prefer to do it via CLI, first, grant S3 permission with put-bucket-acl:
Then, apply the logging policy:
* First, save the following content to logging.json
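The two CLI steps named above (put-bucket-acl, then a logging policy saved to logging.json), as an added example that is not StackZone's own code. The helper names are hypothetical, and the account ID, Region and source bucket in the usage comment are constructed placeholders.

```shell
# Added example (not StackZone's code); helper names are hypothetical.
# Bucket names, account ID and Region are supplied by the caller.

# Central bucket name, following the page's stackzone-logs-$account-$region pattern.
central_bucket() {
  printf 'stackzone-logs-%s-%s' "$1" "$2"
}

# Accept only names within S3 bucket naming rules (3-63 chars, lowercase
# letters, digits, dots, hyphens; must start and end with a letter or digit).
valid_bucket_name() {
  case "$1" in
    ''|*[!a-z0-9.-]*|[.-]*|*[.-]) return 1 ;;
  esac
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 63 ]
}

# Body for logging.json: target bucket plus a key prefix for delivered logs.
logging_json() {
  cat <<EOF
{
  "LoggingEnabled": {
    "TargetBucket": "$1",
    "TargetPrefix": "$2"
  }
}
EOF
}

# Run both steps. Needs the AWS CLI and credentials for both buckets.
enable_logging() {
  src="$1"; dst="$2"
  if ! valid_bucket_name "$src" || ! valid_bucket_name "$dst"; then
    echo "invalid bucket name" >&2
    return 2
  fi
  # Step 1: let the S3 Log Delivery group write to the target bucket.
  # put-bucket-acl replaces the whole ACL; review get-bucket-acl output first.
  aws s3api put-bucket-acl --bucket "$dst" \
    --grant-write 'URI=http://acs.amazonaws.com/groups/s3/LogDelivery' \
    --grant-read-acp 'URI=http://acs.amazonaws.com/groups/s3/LogDelivery' || return 1
  # Step 2: write logging.json, then apply it to the source bucket.
  logging_json "$dst" "$src/" > logging.json || return 1
  aws s3api put-bucket-logging --bucket "$src" \
    --bucket-logging-status file://logging.json
}
# Usage (constructed values):
#   enable_logging my-app-bucket "$(central_bucket 111122223333 eu-west-1)"
```

AWS documents that S3 server access logs are delivered only to a target bucket in the same Region and AWS account as the source bucket, so confirm delivery by checking for log objects under the prefix after enabling it.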
Will my data be safe and encrypted if collected in this central bucket?
Yes - by default the StackZone central bucket is encrypted and has versioning enabled.