Getting application logs. Command failed on instance

docker amazon-web-services amazon-beanstalk

Old question, but I just figured this for our apps. What user policy are you using? If you are using ReadOnly, The default policy “AWSElasticBeanstalkReadOnlyAccess” does not include log download capability. In the aws documentation, theres an example of an IAM policy that can be created for a user to enable this functionality.

See http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo.iam.managed-policies.html under “Creating a Custom User Policy”. The final example shows the needed S3 permissions that need to be granted on top of what is already provided in the ReadOnlyAccess policy in order to bundle and download the logs.

Related

How to find source of system running slow clock?
NFS mount on Windows 8 non-enterprise
WSUS downloading driver updates every night
Stop nginx reverse proxy from redirecting
CPU parking, windows 2012r2, with no hyper threading
svnserve+sasl+ldap : saslauthd not contacted?
Server 2012 R2 Exchange 2013 Handle Leak
Whitelisting outgoing traffic from docker containers
PHP unable to mail() in chroot though I can use sendmail inside chroot
Server 2012 R2 unexpected crash DRIVER_IRQL_NOT_LESS_OR_EQUAL
Why does Windows Server 2012 R2 Standard edition show only 20% of my available memory?
Kerberos with OpenLDAP backend: Password Sync HowTo