Skip to content

Data forwarding to AWS S3

Start Configuration

  1. Select AWS S3 as the archive type, which means that the matched log data will be saved to this object storage;
  2. Choose access type;
  3. Click confirm to create successfully.

Note: If there are changes in the archiving type information, ensure that the configuration of the associated platform has been updated synchronously to avoid data writing failures due to configuration changes. The new configuration rules will take effect within 5 minutes.

Access Type

Role Authorization

  1. You must use the default external ID generated by Guance to configure third-party access rights for AWS resources.

  2. After configuring Guance IAM roles in AWS, fill in the archiving information, including AWS account ID, AWS role name, region, and bucket name.

  3. Enter the storage path to facilitate further differentiation and location of the specific data forwarding position later.

  4. Click Test Connection, if the above information meets the specifications, it will prompt that the test connection was successful. Click confirm to save the current rule.

Folder Naming Standards

  1. Create a single folder or multi-level folders, slashes (/) indicate the creation of multi-level folders.
  2. Folder names cannot start or end with a slash (/).
  3. Cannot contain more than two consecutive slashes (/).
  4. Applies to all access types.

Note:

  • If the entered folder does not exist, Guance will create it directly, and the data will still be stored under this path.
  • Be cautious when changing the storage path, as there is about a 5-minute delay in updating the configuration, and some data may still be forwarded to the original directory after the change.
If the test fails:

You need to confirm:

  • Whether the external ID is invalid;
  • Whether the account ID is correct;
  • Whether the account role exists;
  • Whether the bucket exists;
  • Whether the Region is inconsistent.

When encountering the following situations, proceed cautiously:

  • If you click to regenerate the external ID, the historical ID will expire after 24 hours, so please replace it in the AWS console as soon as possible;
  • Do not repeatedly click to generate an external ID, proceed cautiously!

Access Keys

  1. Click to download the AWS resource authorization template and configure Guance IAM policies in AWS.
  2. After configuration, fill in the account information, input AWS AK & SK, region, and bucket name.
  3. Enter the storage path to facilitate further differentiation and location of the specific data forwarding position later.
  4. Click Test Connection, if the above information meets the specifications, it will prompt that the test connection was successful;
If the test fails:

You need to confirm:

  • Whether the account ID is correct;
  • Whether AK / SK exist;
  • Whether the bucket exists;
  • Whether the Region is inconsistent.

Account Authorization

  1. AWS provides cross-account authorization capabilities, and you need to use the dedicated account ID of Guance and add cross-account access authorization policies according to the configuration instructions.

  2. After configuration, select the region and enter the bucket name.

  3. Enter the storage path to facilitate further differentiation and location of the specific data forwarding position later.

  4. Click Test Connection, if the above information meets the specifications, it will prompt that the test connection was successful. Click confirm to save the current rule.

If the test fails:

You need to confirm:

  • Whether the account ID is correct;
  • Whether the bucket exists;
  • Whether the Region is inconsistent.

Regarding overseas sites: The account IDs of overseas sites differ from those in China, please distinguish them accordingly:

Site ID
Hong Kong 588271335135
Oregon 521643107266
Singapore 521643107266
Frankfurt 521643107266

Feedback

Is this page helpful? ×