Removing Logs to S3 from the Load Balancer

thisisqubika · Apr 9, 2024 · a4bd000 · a4bd000
1 parent 5d2b10d
commit a4bd000
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 50 deletions.
diff --git a/terraform/iam.tf b/terraform/iam.tf
@@ -1,37 +1,37 @@
-# POLICY TO LET BUCKET PERMISSIONS:
+# # POLICY TO LET BUCKET PERMISSIONS:
 
 
-# subir como data y statement como en el infra ops en vez de esta forma:
-resource "aws_s3_bucket_policy" "alb_log_bucket_policy" {
- bucket = aws_s3_bucket.nlb_logs.id
+# # subir como data y statement como en el infra ops en vez de esta forma:
+# resource "aws_s3_bucket_policy" "alb_log_bucket_policy" {
+#  bucket = aws_s3_bucket.nlb_logs.id
 
- policy = jsonencode({
- Version = "2012-10-17",
- Statement = [
- {
- Effect = "Allow",
- Principal = {
- Service = "elasticloadbalancing.amazonaws.com"
- },
- Action = "s3:*",
- Resource = "${aws_s3_bucket.nlb_logs.arn}/*",
- Condition = {
- StringEquals = {
- "s3:x-amz-acl" = "bucket-owner-full-control"
- }
- }
- },
- {
- Effect = "Allow",
- Principal = {
- Service = "elasticloadbalancing.amazonaws.com"
- },
- Action = "s3:GetBucketAcl",
- Resource = aws_s3_bucket.nlb_logs.arn
- }
- ]
- })
-}
+#  policy = jsonencode({
+#  Version = "2012-10-17",
+#  Statement = [
+#  {
+#  Effect = "Allow",
+#  Principal = {
+#  Service = "elasticloadbalancing.amazonaws.com"
+#  },
+#  Action = "s3:*",
+#  Resource = "${aws_s3_bucket.nlb_logs.arn}/*",
+#  Condition = {
+#  StringEquals = {
+#  "s3:x-amz-acl" = "bucket-owner-full-control"
+#  }
+#  }
+#  },
+#  {
+#  Effect = "Allow",
+#  Principal = {
+#  Service = "elasticloadbalancing.amazonaws.com"
+#  },
+#  Action = "s3:GetBucketAcl",
+#  Resource = aws_s3_bucket.nlb_logs.arn
+#  }
+#  ]
+#  })
+# }
 
 
 

diff --git a/terraform/main.tf b/terraform/main.tf
@@ -83,19 +83,20 @@ resource "aws_route_table_association" "vectorstore_rta" {
 
 
 
-resource "aws_s3_bucket" "nlb_logs" {
- bucket = "milvus-api-alb-logs"
-}
 
-# Public access for ALB to send logs
-resource "aws_s3_bucket_public_access_block" "nlb_logs_access_block" {
- bucket = aws_s3_bucket.nlb_logs.id
+# resource "aws_s3_bucket" "nlb_logs" {
+# bucket = "milvus-api-alb-logs"
+# }
 
- block_public_acls = false
- block_public_policy = false
- ignore_public_acls = false
- restrict_public_buckets = false
-}
+# # Public access for ALB to send logs
+# resource "aws_s3_bucket_public_access_block" "nlb_logs_access_block" {
+# bucket = aws_s3_bucket.nlb_logs.id
+
+# block_public_acls = false
+# block_public_policy = false
+# ignore_public_acls = false
+# restrict_public_buckets = false
+# }
 
 
 resource "aws_lb" "vectorstore_nlb" {
@@ -105,19 +106,19 @@ resource "aws_lb" "vectorstore_nlb" {
  subnets = [aws_subnet.vectorstore_subnet.id, aws_subnet.vectorstore_subnet_2.id]
  enable_deletion_protection = false
 
- access_logs {
- bucket = aws_s3_bucket.nlb_logs.bucket
- prefix = "access-logs"
- enabled = true
- }
+ # access_logs {
+ #  bucket = aws_s3_bucket.nlb_logs.bucket
+ #  prefix = "access-logs"
+ #  enabled = true
+ # }
 
  tags = {
  Name = "vectorstore_nlb"
  }
 
- depends_on = [
- aws_s3_bucket_policy.alb_log_bucket_policy
- ]
+ # depends_on = [
+ #  aws_s3_bucket_policy.alb_log_bucket_policy
+ # ]
 }