Home Whiteboard Practice Code Graphing Calculator Online Compilers Articles Tools
Tutorials Courses Jobs

How to get the bucket logging details of a S3 bucket using Boto3 and AWS Client?

Boto3 Python Server Side Programming Programming

S3 bucket logging allows you to track access requests to your Amazon S3 buckets. Using Boto3, you can retrieve logging configuration details programmatically to monitor and audit bucket access patterns.

Problem Statement

Use the boto3 library in Python to get the logging details of an S3 bucket. For example, find the logging configuration of a bucket named "my-sample-bucket".

Approach

Step 1 ? Import boto3 and botocore.exceptions to handle AWS service exceptions.

Step 2 ? Create an AWS session and S3 client using boto3.

Step 3 ? Use the get_bucket_logging() method with the bucket name as parameter.

Step 4 ? Handle exceptions for cases where logging is not configured or access is denied.

Step 5 ? Return the logging configuration as a dictionary containing target bucket, prefix, and grants information.

Example

The following code demonstrates how to retrieve S3 bucket logging details ?

import boto3
from botocore.exceptions import ClientError

def get_bucket_logging_of_s3(bucket_name):
    session = boto3.session.Session()
    s3_client = session.client('s3')
    try:
        result = s3_client.get_bucket_logging(Bucket=bucket_name)
        return result
    except ClientError as e:
        error_code = e.response['Error']['Code']
        if error_code == 'NoSuchBucket':
            return f"Error: Bucket '{bucket_name}' does not exist."
        elif error_code == 'AccessDenied':
            return f"Error: Access denied to bucket '{bucket_name}'."
        else:
            return f"ClientError: {e}"
    except Exception as e:
        return f"Unexpected error: {e}"

# Example usage
bucket_name = "my-sample-bucket"
logging_config = get_bucket_logging_of_s3(bucket_name)
print(logging_config)

Output

When logging is enabled, the output will look like this ?

{
    'LoggingEnabled': {
        'TargetBucket': 'my-log-bucket',
        'TargetPrefix': 'access-logs/',
        'TargetGrants': [
            {
                'Grantee': {
                    'DisplayName': 'bucket-owner',
                    'ID': '1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef',
                    'Type': 'CanonicalUser'
                },
                'Permission': 'FULL_CONTROL'
            }
        ]
    }
}

If logging is not configured, you'll get an empty response ?

{}

Key Response Fields

TargetBucket ? The bucket where access logs are stored.

TargetPrefix ? The prefix for log file names (helps organize logs).

TargetGrants ? Permissions for accessing the log files.

Conclusion

Use get_bucket_logging() to retrieve S3 bucket logging configuration. Always handle ClientError exceptions for robust error handling when the bucket doesn't exist or access is denied.

Updated on: 2026-03-25T18:10:52+05:30

654 Views

Kickstart Your Career

Get certified by completing the course

Get Started
Advertisements