Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ for Cloud Object Store Administrator's Guide
  3. Protecting Cloud object store assets
  4. About object change tracking
  5. Configuring access policy on the log bucket
NetBackup™ for Cloud Object Store Administrator's Guide

Configuring access policy on the log bucket

You must configure a policy on the log bucket to enable logging for all other buckets. Here is a sample policy document for the log bucket. The policy name is log-bucket, and source-bucket as the source bucket name.

{  

 	"Version": "2012-10-17",  

 	 "Statement": [  

 {  

      "Sid": "AllowLoggingFromSourceBucket",  

      "Effect": "Allow",  

      "Principal": {  

      "Service": "logging.s3.amazonaws.com"  

     	 },  

      	"Action": "s3:PutObject",  

"Resource": "arn:aws:s3:::log-bucket/prefix*",  

 "Condition": {  

       	 	"ArnLike": {  

 "aws:SourceArn": "arn:aws:s3:::source-bucket"  

        		}  

      	}  

    }  

   ]  

} 

Feedback

Was this page helpful?
Previous

Configuring access permissions for the buckets

Next

Configuration guidelines for IBM Storage Ceph

Feedback

Was this page helpful?