User guide

ManualsBrandsAmazon ManualsComputer equipmentRedshift

221

222

223

224

225

226

227

228

229

230

Account IDRegion

361669875840Asia Pacific (Singapore) region

762762565011Asia Pacific (Sydney) region

The bucket policy uses the following format, where BucketName and AccountId are placeholders for

your own values:

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Put bucket policy needed for audit logging",

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::AccountId:user/logs"

"Action": "s3:PutObject",

"Resource": "arn:aws:s3:::BucketName/*"

{

"Sid": "Get bucket policy needed for audit logging ",

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::AccountID:user/logs"

"Action": "s3:GetBucketAcl",

"Resource": "arn:aws:s3:::BucketName"

}

]

}

The following example is a bucket policy for the US East (N.Virginia) region and bucket named AuditLogs.

{

"Version": "2012-10-17",

"Statement": [

{

"Sid": "Put bucket policy needed for audit logging",

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::193672423079:user/logs"

"Action": "s3:PutObject",

"Resource": "arn:aws:s3:::AuditLogs/*"

{

"Sid": "Get bucket policy needed for audit logging ",

"Effect": "Allow",

"Principal": {

"AWS": "arn:aws:iam::193672423079:user/logs"

API Version 2012-12-01

219

Amazon Redshift Management Guide

Bucket Permissions for Amazon Redshift Audit Logging