Forward Data to AWS S3¶
- Complete the rule name and filter condition settings.
- Continue configuring the archive.
Configure¶
- Select AWS S3 as the archive type, which means saving the matched data to this object storage.
- Select the storage format.
- Choose whether to encrypt storage.
- Select the access type.
- Click OK to create successfully.
Note
If the archive type information changes, you need to confirm that the configuration of the associated platform has been updated accordingly to avoid data write failures due to configuration changes. The new configuration rule will take effect within 5 minutes.
Access Type¶
Role Authorization¶
- You must use the external ID generated by default by Guance to configure third-party access rights for AWS resources.
- After configuring the Guance IAM role in AWS, fill in the archive information, including AWS account ID, AWS role name, region, and bucket name.
- Enter the storage path to facilitate further differentiation and locating the specific location of data forwarding.
- Click "Test Connection". If the above information meets the specifications, a successful connection test prompt will appear. Click OK to save the current rule.
Storage Path Naming Convention¶
- Create a single folder or multi-level folders. A slash (/) indicates creating multi-level folders.
- Folder names cannot start or end with a slash (/).
- Cannot contain two or more consecutive slashes (/).
- Applicable to all access types.
Note
- If the entered folder does not exist, Guance will create it directly, and data will still be stored under this path.
- Please be cautious when changing the storage path. Due to a delay of about 5 minutes for configuration updates, some data may still be forwarded to the original directory after the change.
If the test fails:
You need to confirm:
- Whether the external ID has expired.
- Whether the account ID is correct.
- Whether the account role exists.
- Whether the bucket exists.
- Whether the Region is inconsistent.
Be cautious in the following situations:
- If you click to regenerate the external ID, the historical ID will expire after 24 hours. Please go to the AWS console to replace it as soon as possible.
- Do not click to generate the external ID multiple times. Please operate with caution!
Access Keys¶
- Click to download the AWS resource authorization template and go to AWS to configure the Guance IAM policy.
- After configuration is complete, fill in the account information, including AWS AK & SK, region, and Bucket name.
- Enter the storage path to facilitate further differentiation and locating the specific location of data forwarding.
- Click "Test Connection". If the above information meets the specifications, a successful connection test prompt will appear.
If the test fails:
You need to confirm:
- Whether the account ID is correct.
- Whether the AK / SK exists.
- Whether the bucket exists.
- Whether the Region is inconsistent.
Account Authorization¶
- AWS provides cross-account authorization capability. You need to use the Guance exclusive account ID and add a cross-account access authorization policy according to the configuration instructions.
- After configuration is complete, select the region and enter the bucket name.
- Enter the storage path to facilitate further differentiation and locating the specific location of data forwarding.
- Click "Test Connection". If the above information meets the specifications, a successful connection test prompt will appear. Click OK to save the current rule.
If the test fails:
You need to confirm:
- Whether the account ID is correct.
- Whether the bucket exists.
- Whether the Region is inconsistent.
Data Waiting Time¶
Data is first written to a local temporary file. When the file size reaches 256 MB or the waiting time reaches the set value, the system automatically compresses and uploads it. You can adjust the waiting time according to actual needs, including 15 minutes, 30 minutes, 1 hour:
- Shorter setting: lower downstream data latency, but generates more files.
- Longer setting: fewer files, but downstream data latency increases accordingly.
Next Steps¶
Continue configuring the data viewing permissions under the current forwarding rule.



