Why is my subscription sending reports to an S3 bucket failing?
search cancel

Why is my subscription sending reports to an S3 bucket failing?

book

Article ID: 284413

calendar_today

Updated On:

Products

CloudHealth

Issue/Introduction

If you have configured a subscription and are getting an error that looks like the image below, most likely the permissions in the IAM credentials need to be adjusted.

NOTE:  If your S3 bucket is encrypted, make sure CH Role has the right permissions to write to the S3.  Once you have confirmed that proper permissions are configured continue with the steps below.

 

Please follow the help docs for S3 bucket subscriptions to resolve the issue.  Tasks 3 and 4 in Step 1 show the IAM snippet that needs to be added:

Resolution

  1. In the AWS Console, select Services > IAM. From the left menu, select Policies and locate the IAM Access Policy you are using for the CloudHealth platform.

  2. In the Permissions tab, click JSON and paste the following policy snippet. In this snippet, cht-subscriptions is the name of the S3 bucket you created. Replace this string with your bucket name.

    {
  "Effect": "Allow",
  "Action": [
    "s3:PutObject",
    "s3:PutObjectAcl"
  ],
  "Resource": [
    "arn:aws:s3:::cht-subscriptions",
    "arn:aws:s3:::cht-subscriptions/*"
  ]
},

     

  3. Click Save.

    Through this policy snippet, your IAM credentials are used to write report subscriptions from the CloudHealth Platform to the S3 bucket.

Powered by Wolken Software