S3

Fastly will upload log messages to the S3 bucket in the format specified in the S3 object.

Data model

access_keystringThe access key for your S3 account. Not required if iam_role is provided.
aclstringThe access control list (ACL) specific request header. See the AWS documentation for Access Control List (ACL) Specific Request Headers for more information.
bucket_namestringThe bucket name for S3 account.
compression_codecstringThe codec used for compression of your logs. Valid values are zstd, snappy, and gzip. If the specified codec is "gzip", gzip_level will default to 3. To specify a different level, leave compression_codec blank and explicitly set the level using gzip_level. Specifying both compression_codec and gzip_level in the same API request will result in an error.
domainstringThe domain of the Amazon S3 endpoint.
formatstringA Fastly log format string.
format_versionintegerThe version of the custom logging format used for the configured endpoint. The logging call gets placed by default in vcl_log if format_version is set to 2 and in vcl_deliver if format_version is set to 1.
gzip_levelintegerWhat level of gzip encoding to have when sending logs (default 0, no compression). If an explicit non-zero value is set, then compression_codec will default to "gzip." Specifying both compression_codec and gzip_level in the same API request will result in an error.
iam_rolestringThe Amazon Resource Name (ARN) for the IAM role granting Fastly access to S3. Not required if access_key and secret_key are provided.
message_typestringHow the message should be formatted.
namestringThe name for the real-time logging configuration.
pathstringThe path to upload logs to.
periodintegerHow frequently log files are finalized so they can be available for reading (in seconds).
placementstringWhere in the generated VCL the logging call should be placed. If not set, endpoints with format_version of 2 are placed in vcl_log and those with format_version of 1 are placed in vcl_deliver.
public_keystringA PGP public key that Fastly will use to encrypt your log files before writing them to disk.
redundancystringThe S3 redundancy level.
response_conditionstringThe name of an existing condition in the configured endpoint, or leave blank to always execute.
secret_keystringThe secret key for your S3 account. Not required if iam_role is provided.
server_side_encryptionstringSet this to AES256 or aws:kms to enable S3 Server Side Encryption.
server_side_encryption_kms_key_idstringOptional server-side KMS Key Id. Must be set if server_side_encryption is set to aws:kms or AES256.
timestamp_formatstringDate and time in ISO 8601 format.
created_atstringDate and time in ISO 8601 format.
deleted_atstringDate and time in ISO 8601 format.
service_idstringAlphanumeric string identifying the service.
updated_atstringDate and time in ISO 8601 format.
versionintegerInteger identifying a service version.

Endpoints

List AWS S3 log endpoints

GET/service/service_id/version/version_id/logging/s3

Create an AWS S3 log endpoint

POST/service/service_id/version/version_id/logging/s3

Get an AWS S3 log endpoint

GET/service/service_id/version/version_id/logging/s3/logging_s3_name

Update an AWS S3 log endpoint

PUT/service/service_id/version/version_id/logging/s3/logging_s3_name

Delete an AWS S3 log endpoint

DELETE/service/service_id/version/version_id/logging/s3/logging_s3_name