enable_logging ( $bucket, $target_bucket, $target_prefix, $opt )

Enables access logging for the specified Amazon S3 bucket.

Access

public

Parameters

Parameter

Type

Required

Description

$bucket

string

Required

The name of the bucket to enable logging for. Pass a null value when using the set_vhost() method.

$target_bucket

string

Required

The name of the bucket to store the logs in.

$target_prefix

string

Required

The prefix to give to the log file names.

$opt

array

Optional

An associative array of parameters that can have the following keys:

  • users - array - Optional - An array of associative arrays specifying any user to give access to. Each associative array contains an id and permission value.
  • curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
  • returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

Returns

Type

Description

CFResponse

A CFResponse object containing a parsed HTTP response.

Examples

Enable logging on a bucket.

// Instantiate the class
$s3 = new AmazonS3();
$logged_bucket = 'my-bucket-test' . strtolower($s3->key);
$logging_bucket = 'my-bucket-logs' . strtolower($s3->key);

// Create bucket for storing logs
$bucket = $s3->create_bucket($logging_bucket, AmazonS3::REGION_US_STANDARD);

// Ensure that the bucket was created successfully...
if ($bucket->isOK())
{
	// Enable READ_ACP and WRITE permissions for the system-wide "logging" user.
	$acl = $s3->set_bucket_acl($logging_bucket, array(
		array( 'id' => AmazonS3::USERS_LOGGING,            'permission' => AmazonS3::GRANT_READ_ACP     ), // Logging user, READ_ACP
		array( 'id' => AmazonS3::USERS_LOGGING,            'permission' => AmazonS3::GRANT_WRITE        ), // Logging user, WRITE
		array( 'id' => CFCredentials::get()->canonical_id, 'permission' => AmazonS3::GRANT_FULL_CONTROL ), // Self, FULL_CONTROL
	));

	// Ensure that the ACL was set correctly...
	if ($acl->isOK())
	{
		// Enable logging on the bucket
		$response = $s3->enable_logging($logged_bucket, $logging_bucket, 'log_', array(
			'users' => array(
				array('id' => AmazonS3::USERS_AUTH,    'permission' => AmazonS3::GRANT_READ),
				array('id' => AmazonS3::USERS_ALL,     'permission' => AmazonS3::GRANT_READ),
				array('id' => AmazonS3::USERS_LOGGING, 'permission' => AmazonS3::GRANT_READ),
				array('id' => 'email@domain.com', 'permission' => AmazonS3::GRANT_FULL_CONTROL),
			)
		));

		// Success?
		var_dump($response->isOK());
	}
}
Result:
bool(true)

See Also

Source

Method defined in services/s3.class.php | Toggle source view (68 lines) | View on GitHub

public function enable_logging($bucket, $target_bucket, $target_prefix, $opt = null)
{
    // Add this to our request
    if (!$opt) $opt = array();
    $opt['verb'] = 'PUT';
    $opt['sub_resource'] = 'logging';
    $opt['headers'] = array(
        'Content-Type' => 'application/xml'
    );

    $xml = simplexml_load_string($this->base_logging_xml);
    $LoggingEnabled = $xml->addChild('LoggingEnabled');
    $LoggingEnabled->addChild('TargetBucket', $target_bucket);
    $LoggingEnabled->addChild('TargetPrefix', $target_prefix);
    $TargetGrants = $LoggingEnabled->addChild('TargetGrants');

    if (isset($opt['users']) && is_array($opt['users']))
    {
        foreach ($opt['users'] as $user)
        {
            $grant = $TargetGrants->addChild('Grant');
            $grantee = $grant->addChild('Grantee');

            switch ($user['id'])
            {
                // Authorized Users
                case self::USERS_AUTH:
                    $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance');
                    $grantee->addChild('URI', self::USERS_AUTH);
                    break;

                // All Users
                case self::USERS_ALL:
                    $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance');
                    $grantee->addChild('URI', self::USERS_ALL);
                    break;

                // The Logging User
                case self::USERS_LOGGING:
                    $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance');
                    $grantee->addChild('URI', self::USERS_LOGGING);
                    break;

                // Email Address or Canonical Id
                default:
                    if (strpos($user['id'], '@'))
                    {
                        $grantee->addAttribute('xsi:type', 'AmazonCustomerByEmail', 'http://www.w3.org/2001/XMLSchema-instance');
                        $grantee->addChild('EmailAddress', $user['id']);
                    }
                    else
                    {
                        // Assume Canonical Id
                        $grantee->addAttribute('xsi:type', 'CanonicalUser', 'http://www.w3.org/2001/XMLSchema-instance');
                        $grantee->addChild('ID', $user['id']);
                    }
                    break;
            }

            $grant->addChild('Permission', $user['permission']);
        }
    }

    $opt['body'] = $xml->asXML();

    // Authenticate to S3
    return $this->authenticate($bucket, $opt);
}

Copyright © 2010–2013 Amazon Web Services, LLC


Feedback