Sharing Logs with Support

You can allow Varada customer support to access the Varada logs for system troubleshooting and support by creating a bucket policy that is authorized to retrieve files from the S3 directory in which the log files are stored.

👍

Before you get started, contact Varada customer support for the Varada AWS account ID.

  1. Go to the S3 console and click on the relevant bucket, then click on the permissions tab, and scroll down until you see Bucket policy.

  2. Click Edit and paste the below JSON policy for allowing customer support access to your Varada logs.

{

    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "copy",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<varada-accountid>:role/varada-read-customerbucket-role"
            },
            "Action": [
                "s3:GetObject",
                "s3:GetObjectAcl"
            ],
            "Resource": "arn:aws:s3:::s3://<insert s3 bucket here>/<insert varada's logs directory here>/*"
        },
        {
            "Sid": "list",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<varada-accountid>:role/varada-read-customerbucket-role"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::s3://<insert s3 bucket here>"
        }
    ]
}

where:

  • varada-accountid: The Varada AWS account ID.
  • insert s3 bucket here: The S3 bucket in which the Varada log files are stored.