Prerequisites for Log Export
- Shirly Tsang
- Sri Raghu
Owned by Shirly Tsang
Before enabling log export, ensure that you have completed the following:
- Create and set up an Amazon S3 bucket that can receive log data from BloxOne Cloud. Infoblox recommends that you create a dedicated S3 bucket for response log export. You must use the Principal ID that Infoblox provides to grant BloxOne Cloud all access permissions to your S3 bucket. For information about how to set up the S3 bucket, refer to the AWS documentation.
- Properly configure the IAM (Identity and Access Management) policies and grant BloxOne Cloud the following access permissions to the S3 bucket using the Principal ID that Infoblox provides on the Cloud Service Portal. Enter the Principal ID in the Account field while configuring permissions. You can find the Principal ID on the Response Log Export page when you log in to the Cloud Service Portal.
- ListBucket
- ListObjectsV2
- CopyObject
- GetObject
- PutObject
- The following options are supported for log export:
- Object Lock
- Bucket Versioning
- Log export does not support encryption with KMS keys configured. Only AWS-managed keys are supported.
Please make sure that you configure your IAM policies correctly, so BloxOne Cloud can push log data to your S3 bucket. Otherwise, you might risk losing log data.
For information about how to configure IAM policies and permissions, refer to the AWS documentation.