Permalink
Switch branches/tags
Nothing to show
Find file Copy path
aa081f8 Oct 13, 2017
2 contributors

Users who have contributed to this file

@mwunderl @mosheeshel
55 lines (50 sloc) 2.85 KB
###################################################################################################
#### Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
####
#### Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file
#### except in compliance with the License. A copy of the License is located at
####
#### http://aws.amazon.com/apache2.0/
####
#### or in the "license" file accompanying this file. This file is distributed on an "AS IS"
#### BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#### License for the specific language governing permissions and limitations under the License.
###################################################################################################
###################################################################################################
#### This file configures your environment's load balancer to update access logs to an existing
#### bucket. Specify the name of your bucket in the Parameters section below. You can also set a
#### prefix for the load balancer to add to the log files in addition to the default prefix, which
#### starts with "AWSLogs" and looks similar to the following:
#### AWSLogs/123456789012/elasticloadbalancing/us-west-2/2017/09/01
####
#### The load balancer must have permission to upload logs to the bucket. See the following topic
#### for instructions on creating or updating a bucket policy:
#### http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-access-logs.html
####
#### If you don't already have a bucket policy, you can apply one with commands like the following:
#### $ ELBACCOUNT=797873946194 # For us-west-2, see above topic for other regions
#### $ BUCKET=my-bucket
#### $ PREFIX=my-app/
#### $ aws s3api put-bucket-policy --bucket ${BUCKET} --policy "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::${ELBACCOUNT}:root\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::${BUCKET}/${PREFIX}AWSLogs/*\"}]}"
###################################################################################################
Parameters:
bucket:
Type: String
Description: "Name of the Amazon S3 bucket in which to store load balancer logs"
Default: "my-bucket"
bucketprefix:
Type: String
Description: "Optional prefix. Can't start or end with a /, or contain the word AWSLogs"
Default: ""
##############################################
#### Do not modify values below this line ####
##############################################
Resources:
AWSEBLoadBalancer:
Type: AWS::ElasticLoadBalancing::LoadBalancer
Properties:
AccessLoggingPolicy:
EmitInterval: 5
Enabled: true
S3BucketName: { "Ref" : "bucket" }
S3BucketPrefix: { "Ref" : "bucketprefix" }