S3 input plugin is not reading an AWS KMS (CMK) encrypted bucket

zlhcx6iw  posted on 2021-06-10  in ElasticSearch

I am running a Logstash container with an S3 pipeline, configured as follows:

input {
  s3 {
    id => "pipeline_s3_example_bucket_input"
    bucket => "example-bucket"
    region => "ap-southeast-1"
    access_key_id => "#######################"
    secret_access_key => "#######################"
    codec => "json_lines"
    sincedb_path => "/sincedbs/pipeline_s3_example_bucket.sincedb"
    prefix => "folderA"
    add_field => {
      "type" => "example-bucket-logs"
      "host" => "example-bucket"
    }
  }
}

My S3 bucket is encrypted with AWS KMS using a customer managed key. I use the following IAM policy to let the user read the bucket data:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "IAMPolicy",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "kms:Decrypt",
                "s3:GetBucketLogging",
                "kms:GenerateDataKey",
                "kms:DescribeKey",
                "s3:GetObjectTagging",
                "s3:ListBucket",
                "s3:GetBucketVersioning",
                "s3:GetBucketLocation",
                "s3:GetObjectVersion"
            ],
            "Resource": [
                "arn:aws:kms:ap-southeast-1:<account-id>:key/<Key-ID>",
                "arn:aws:s3:::example-bucket",
                "arn:aws:s3:::example-bucket/*"
            ]
        }
    ]
}

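I have also added the user ARN to the key users, and I tested access with AWS CLI commands, which worked fine. However, Logstash is unable to pull these logs, and I do not see any errors in the container logs either. If anyone has run into a similar issue, please help.
Elastic community link for the same question: https://discuss.elastic.co/t/s3-input-plugin-is-not-reading-aws-kms-cmk-encrypted-bucket/249439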
