In this article:
Applicable to:
- Connector: AWS S3 real-time connection logs
- Terraform
Overview
In some cases, users configuring real time connection logs to AWS S3 buckets may see empty files, and receive repeated Your S3 sync is experiencing issues
email notifications, when configuring via Terraform. Though it is unconfirmed if this is specific to Terraform users, but has only been reported from those configuring from TF.
Cause
The cause seems to be related to missing KMS keys based on S3 Bucket SSE algorithm requirements.
Workaround
Define GenerateDataKey and Decrypt kms keys, similar to:
# apply kms:GenerateDataKey and kms:Decrypt
statement {
actions = [
"kms:GenerateDataKey",
"kms:Decrypt"
]
resources = [
aws_kms_key_this.arn
]
}