Before you query Object Storage Service (OSS) access logs in the OSS console, you must enable the real-time log query feature in the OSS console. This topic describes how to enable the real-time log query feature in the OSS console.
Prerequisites
- You have created an Object Storage Service (OSS) bucket. For more information, see
Create buckets.
The Log Service project that is used to store OSS access logs and the OSS bucket belong to the same Alibaba Cloud account and reside in the same region.
- Log Service is authorized to assume the AliyunLogImportOSSRole role to access OSS.
You can go to the Cloud Resource Access Authorization page to authorize Log Service to access OSS.Note
- You need to perform this operation only if Log Service was not authorized to assume the AliyunActionTrailDefaultRole role by using an Alibaba Cloud account.
- If you use a RAM user to log on to OSS, you must authorize the RAM user by using an Alibaba Cloud account. For more information, see RAM user authorization.
- You must not delete the RAM role or revoke the permissions from the RAM role. Otherwise, logs cannot be shipped to Log Service.