Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Create the Transit Gateway Flow Logs source account role for Amazon S3

PDF
RSS
Focus mode
Create the Transit Gateway Flow Logs source account role for Amazon S3 - Amazon VPC

From the source account, create the source role in the AWS Identity and Access Management console.

To create the source account role

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose Policies.

  3. Choose Create policy.

  4. On the Create policy page, do the following:

    1. Choose JSON.

    2. Replace the contents of this window with the permissions policy at the start of this section.

    3. Choose Next: Tags and Next: Review.

    4. Enter a name for your policy and an optional description, and then choose Create policy.

  5. In the navigation pane, choose Roles.

  6. Choose Create role.

  7. For the Trusted entity type, choose Custom trust policy. For Custom trust policy, replace "Principal": {}, with the following, which specifies the log delivery service. Choose Next.

    "Principal": {
   "Service": "delivery.logs.amazonaws.com"
},

  8. On the Add permissions page, select the checkbox for the policy that you created earlier in this procedure, and then choose Next.

  9. Enter a name for your role and optionally provide a description.

  10. Choose Create role.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.