Can you centralize ALB access logs in a multi-account environment?

Topic Resolution: Resolved

We have a multi-account environment with each account containing several application load balancers (ALBs) and are looking into a way to centralize logs from all of them? Is that possible?

This topic has 1 reply, 1 voice, and was last updated 1 year, 8 months ago.

1 Answers

September 21, 2021 at 3:24 pm #369

Up
0
Down

We have a multi-account environment with each account containing several application load balancers (ALBs) and are looking into a way to centralize logs from all of them? Is that possible?

abdulk

September 21, 2021 at 3:59 pm #370

Up
1
Down

Yes, ALB access logs can be sent to an S3 bucket in another account. So you can set up an S3 bucket in a dedicated logging account and forward all ALB logs to it. A couple of things to take into account:

* You have to use the S3 bucket policy here (including updating the value for the alb account id based on the table provided in the same link): https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-logging-bucket-permissions
* The s3 bucket must be in the same region as the ALBs, so if you are using multiple regions, you’ll have to create a separate S3 bucket for each region

There are other requirements that are also listed in the above link

abdulk
Author

Posts

Viewing 2 posts - 1 through 2 (of 2 total)

Save

You must be logged in to reply to this topic.