I was trying to rotate the AWS keys that we use to forward logs to s3 but I'm getting the following error.
"We were unable to initiate S3 object uploads because the specified credentials do not have the necessary permissions on the S3 bucket."
We have our security policy for the data forwarding defined as follows:
The noted error may occur when the IAM policy includes a trailing wildcard after the root resource (ie. path) name within the policy. A trailing wildcard will prevent Sumo Logic from having access to the bucket and path supplied and result in an error. Removing the trailing wildcard from the defined resource should address the error being presented.
For example, update the following line in the IAM user policy