amazon-s3boto3amazon-cloudwatchs3-lifecycle-policyaws-cloudtrail

AWS Lifecycle transition logging


I have enabled the lifecycle policy in my AWS account. I need the log details of when the files are transitioned from standard to glacier. when the files are expired etc. I have enabled the server access logging, I want only file transition logs. But enabling server access logging will write all the user login also. I don't want to use any lambda functions since it costs high.

Tried using CloudTrail but didn't find the logs of file transitions. I read that CloudTrail only logs API calls.


Solution

  • Use S3 Event Notifications(most cost effictive):

    1. You can configure S3 Event Notifications to trigger on specific events like s3:ObjectTransition, s3:ObjectExpiration, etc.
    2. These notifications can be sent to an SNS topic, SQS queue, or even directly to CloudWatch Logs. This way, you can capture only the specific events related to lifecycle transitions and expirations without capturing other access logs.

    you can check the docs here : https://docs.aws.amazon.com/AmazonS3/latest/userguide/EventNotifications.html