Skip to content

Forward Data to AWS S3

Configuration

  1. Select AWS S3 as the archive type, which means saving the matched data to this object storage.
  2. Choose the storage format.
  3. Select whether to encrypt storage.
  4. Choose the access type.
  5. Click "Confirm" to successfully create the configuration.
Note

If the archive type information changes, ensure that the associated platform configurations are updated accordingly to avoid data write failures due to configuration changes. The new configuration rules will take effect within 5 minutes.

Access Type

Role Authorization

  1. Use the external ID generated by Guance to configure third-party access rights for AWS resources.

  2. After configuring the Guance IAM role in AWS, fill in the archive information, including the AWS account ID, AWS role name, region, and bucket name.

  3. Enter the storage path to further distinguish and locate the specific data forwarding location.

  4. Click "Test Connection". If the above information meets the specifications, a successful connection test will be prompted. Click "Confirm" to save the current rule.

Folder Naming Standards
  1. Create single folders and multi-level folders, where a slash (/) indicates the creation of multi-level folders.
  2. Folder names cannot start or end with a slash (/).
  3. Cannot contain more than two consecutive slashes (/).
  4. Applies to all access types.
Note
  • If the specified folder does not exist, Guance will create it directly, and the data will still be stored in this path.
  • Be cautious when changing the storage path. Due to a delay of approximately 5 minutes in updating the configuration, some data may still be forwarded to the original directory after the change.
If the test fails:

You need to confirm:

  • Whether the external ID is invalid.
  • Whether the account ID is correct.
  • Whether the account role exists.
  • Whether the bucket exists.
  • Whether the region is inconsistent.

Proceed with caution in the following situations:

  • If you click to regenerate the external ID, the historical ID will expire after 24 hours. Please replace it in the AWS console as soon as possible.
  • Do not click to generate the external ID multiple times. Proceed with caution!

Access Keys

  1. Click to download the AWS resource authorization template, go to AWS to configure the Guance IAM policy.
  2. After configuration, fill in the account information, including AWS AK & SK, region, and bucket name.
  3. Enter the storage path to further distinguish and locate the specific data forwarding location.
  4. Click "Test Connection". If the above information meets the specifications, a successful connection test will be prompted.
If the test fails:

You need to confirm:

  • Whether the account ID is correct.
  • Whether the AK / SK exists.
  • Whether the bucket exists.
  • Whether the region is inconsistent.

Account Authorization

  1. AWS provides cross-account authorization capabilities. You need to use the Guance dedicated account ID and add a cross-account access authorization policy according to the configuration instructions.

  2. After configuration, select the region and enter the bucket name.

  3. Enter the storage path to further distinguish and locate the specific data forwarding location.

  4. Click "Test Connection". If the above information meets the specifications, a successful connection test will be prompted. Click "Confirm" to save the current rule.

If the test fails:

You need to confirm:

  • Whether the account ID is correct.
  • Whether the bucket exists.
  • Whether the region is inconsistent.

Feedback

Is this page helpful? ×