Guided Lab: Enabling Amazon S3 Server Access Logging

Description

Amazon S3 Server Access Logging is a feature that enables you to monitor and audit access requests to your Amazon S3 buckets. By configuring access logging, you can automatically log detailed information about requests made to a bucket, such as the requester’s IP address, the type of request, and the object accessed. These logs can then be stored in another S3 bucket (called a “log bucket”) for analysis, making it an essential feature for auditing data access, maintaining compliance, and identifying suspicious activity in your S3 buckets.

Prerequisites

This lab assumes you have the following:

  • Basic knowledge and understanding of Amazon S3

If you find any gaps in your knowledge, consider taking the following lab:

Objectives

By the end of this lab, you will learn how to:

  • Configure Amazon S3 Server Access Logging to monitor and audit bucket access.
  • Set up and manage a source and log bucket using the AWS Management Console.
  • Enable and verify logging, then analyze generated access logs.

Lab Steps

Create Two Buckets

1. Navigate to the Amazon S3 dashboard.

2. Create the Buckets:

  • Give each bucket a unique name (for example, my-log-bucket-3000 and my-source-bucket-0000).

3. Choose the bucket you want to enable logging on (in this case, my-source-bucket-0000).

Enable Logging

1. Click on the chosen Bucket to open its details.

a. Go to the Properties tab.

b. Scroll down to find the Server access logging section.

c. Click Edit to configure logging.

2. Configure Logging:

a. Server access logging: Select Enable.

b. Destination: Browse to the other S3 bucket (in this case, my-log-bucket-3000).

c. Use the default for the Log object key format.

d. Save changes.

Test and Verify Server Access Logging

1. Upload a file to the chosen S3 bucket (in this case, my-source-bucket-0000).

2. Download the image below to upload. You can also use any image you like.

a. Upload it to your S3 bucket.

3. You can also delete the file to generate a Delete request in the logs.

4. Wait for Logs to Appear:

  • Logs can take about 30-60 minutes or more to be generated and saved to the destination bucket (in this case, my-log-bucket-3000).

5. Verify logs in the log bucket (my-log-bucket-3000):

  • Check under the Target prefix (e.g., access-logs/) if you set one, or directly in the root folder.
  • You should see log files with names similar to:
my-source-bucket/YYYY-MM-DD-HH-MM-SS-UniqueString
  • Download and open one of the log files. You should see entries with details about each request made to my-source-bucket.

Each line represents an access request, providing information on the requester’s IP, action (e.g., GET.OBJECT), object key, and other details like HTTP status and bytes transferred.
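To go from reading one log file by eye to auditing many, the records can be parsed programmatically. The following is an added example (not part of the original lab): a small Python parser for the space-delimited server access log record format that summarizes operations and surfaces deletes and denied requests. The sample records, owner/request/host IDs, account number, and IP addresses are constructed placeholders.

```python
import re
from collections import Counter

# Leading fields of an S3 server access log record, in order. Records carry
# more fields after these (host ID, signature version, ...); they are ignored.
FIELDS = ["bucket_owner", "bucket", "time", "remote_ip", "requester",
          "request_id", "operation", "key", "request_uri", "http_status",
          "error_code", "bytes_sent", "object_size", "total_time",
          "turnaround_time", "referer", "user_agent", "version_id"]

# A token is a [bracketed] timestamp, a "quoted" string, or a bare word.
TOKEN = re.compile(r'\[([^\]]*)\]|"((?:[^"\\]|\\.)*)"|(\S+)')

def parse_line(line):
    """Return a dict of named fields, or None for a truncated/blank line."""
    tokens = [next(g for g in m.groups() if g is not None)
              for m in TOKEN.finditer(line)]
    if len(tokens) < len(FIELDS):
        return None
    rec = dict(zip(FIELDS, tokens))
    for name in ("http_status", "bytes_sent", "object_size"):
        # "-" means the field has no value for this request.
        rec[name] = int(rec[name]) if rec[name].isdigit() else None
    return rec

def summarize(lines):
    """Count operations; list object deletes and denied (HTTP 403) requests."""
    ops, deletes, denied = Counter(), [], []
    for rec in filter(None, map(parse_line, lines)):
        ops[rec["operation"]] += 1
        if rec["operation"] == "REST.DELETE.OBJECT":
            deletes.append((rec["remote_ip"], rec["key"]))
        if rec["http_status"] == 403:
            denied.append((rec["remote_ip"], rec["operation"], rec["key"]))
    return ops, deletes, denied

def make_sample(ip, op, key, status, err):
    # Constructed record: placeholder owner, request and host IDs.
    return (f'EXAMPLEOWNER my-source-bucket-0000 [06/Nov/2024:10:15:02 +0000] '
            f'{ip} arn:aws:iam::111122223333:user/lab-user EXAMPLEREQID {op} '
            f'{key} "{op.split(".")[1]} /{key} HTTP/1.1" {status} {err} - 48213 '
            f'95 20 "-" "constructed-agent/1.0" - EXAMPLEHOSTID SigV4')

SAMPLE = [make_sample("192.0.2.10", "REST.PUT.OBJECT", "photo.png", 200, "-"),
          make_sample("192.0.2.10", "REST.DELETE.OBJECT", "photo.png", 204, "-"),
          make_sample("198.51.100.7", "REST.GET.OBJECT", "photo.png", 403, "AccessDenied")]
```

Calling `summarize()` on the lines of a downloaded log file returns the per-operation counts along with the delete and 403 lists, which are the entries most worth reviewing during an audit.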

Congratulations! You’ve successfully enabled and tested server access logging on an S3 bucket using the AWS Management Console. This feature is useful for tracking access and auditing who accessed what data, when, and from where.

As a best practice, remember to delete any resources no longer in use to maintain a clutter-free AWS environment.

Thank you for joining this lab, and happy learning!
