elasticsearch S3 input plugin not reading AWS-KMS (CMK) encrypted bucket
I am running a Logstash container with an S3 pipeline using the following configuration:
input {
  s3 {
    id => "pipeline_s3_example_bucket_input"
    bucket => "example-bucket"
    region => "ap-southeast-1"
    access_key_id => "#######################"
    secret_access_key => "#######################"
    codec => "json_lines"
    sincedb_path => "/sincedbs/pipeline_s3_example_bucket.sincedb"
    prefix => "folderA"
    add_field => {
      "type" => "example-bucket-logs"
      "host" => "example-bucket"
    }
  }
}
My S3 bucket is encrypted with AWS-KMS using a custom managed key. I use the following IAM policy for the user to read the bucket data:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "IAMPolicy",
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "kms:Decrypt",
        "s3:GetBucketLogging",
        "kms:GenerateDataKey",
        "kms:DescribeKey",
        "s3:GetObjectTagging",
        "s3:ListBucket",
        "s3:GetBucketVersioning",
        "s3:GetBucketLocation",
        "s3:GetObjectVersion"
      ],
      "Resource": [
        "arn:aws:kms:ap-southeast-1:<account-id>:key/<Key-ID>",
        "arn:aws:s3:::example-bucket",
        "arn:aws:s3:::example-bucket/*"
      ]
    }
  ]
}