Menu
I've just turn logging on in S3 so I can... well, log.
I was wondering why it is turned off by default and if turning it on has any impact on cost or on the performance of S3 transfers?
665
When you enable logging, Amazon S3 delivers access logs for a source bucket to a target bucket that you choose. The target bucket must be in the same AWS Region and AWS account as the source bucket, and must not have a default retention period configuration.
By default, all Amazon S3 buckets and objects are private. Only the resource owner which is the AWS account that created the bucket can access that bucket. The resource owner can, however, choose to grant access permissions to other resources and users.
Encryption. Amazon S3 supports both server-side encryption (with three key management options: SSE-KMS, SSE-C, SSE-S3) and client-side encryption for data uploads. Amazon S3 offers flexible security features to block unauthorized users from accessing your data.
You can record the actions that are taken by users, roles, or AWS services on Amazon S3 resources and maintain log records for auditing and compliance purposes. To do this, you can use server access logging, AWS CloudTrail logging, or a combination of both.
It's turned off because you don't need it by default. I don't care what goes in to my buckets and I never analyse the logs. If you need it then turn it on.
If you turn it on, then you need to pay the cost of storage. That is all. There is no other costs.
I would also recommend that you set up another bucket called logs.mybucket for all of your logs.
129
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
