Step 1 - Ensure your logs are being sent to a s3 bucket

The following guide from amazon will help you achieve this if you are not doing this already, you can choose the best way to achieve this, but cloudwatch or cloudtrail are a great place to start:

RDS Monitoring Guid

Step 2 - Ensure adequate bucket permissions

The following permissions applied to the AWS IAM Policy being used:

  • s3:ListBucket to check if the S3 bucket exists and list objects in it.
  • s3:GetObject to check object metadata and download objects from S3 buckets.

Below is how your permissions should appear:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "SidID",
            "Effect": "Allow",
            "Action": [
            "Resource": [
Step 3 - Start sending logs from RDS to your stack will verify your input before it is applied this should be actioned in less than 24 hours, we will contact you to verify.


Ready to get going?

Try our 14 day free trial

No commitment and no catches

Create Free Trial