Cold Storage

Learn how to configure AWS S3 cold storage for log archival and cost optimization with Last9

Overview

Automatically archive logs older than 14 days to S3 for cost-effective storage and on-demand rehydration.

note

The default log retention period in Last9 is 14 days. To modify this retention period for your specific needs, please reach out to our support team at cs@last9.io.

Control Plane

Setup

Create IAM Role with permissions to the S3 bucket:

{
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": [
            "s3:PutObject",
            "s3:GetObject",
            "s3:ListBucket",
            "s3express:CreateSession"
        ],
        "Resource": [
            "arn:aws:s3:::<YOUR_BUCKET_NAME>",
            "arn:aws:s3:::<YOUR_BUCKET_NAME>/*"
        ]
    }]
}

Add Trust Relationship:

{
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {
            "Service": "s3.amazonaws.com",
            "AWS": "arn:aws:iam::<LAST9_STORAGE_USER>"
        },
        "Action": "sts:AssumeRole"
    }]
}

Make sure that the role session expirry is set to minimum 4 hours.

info

Contact Last9 support for LAST9_STORAGE_USER ARN.

Enable Cold Storage

Configure your bucket name and role ARN in Cold Storage.

Once the cold storage is enabled, you can rehydrate the logs on demand. Read the Rehydration guide for more details.

Troubleshooting

Need help? Join our Discord or email cs@last9.io.

Overview​

Setup​

Troubleshooting​

Overview

Setup

Troubleshooting