I don't know the region of my Splunk Cloud Platform environment

I received the following error when testing my self storage location:

Your S3 bucket must be in the same region as your Splunk Cloud Platform environment <AWS Region> .

Diagnosis

Splunk Cloud Platform detected that you created your S3 bucket in a different region than your Splunk Cloud Platform environment.

Solution

If you are unsure of the region of your Splunk Cloud Platform environment, review the error message. The <AWS Region> portion of the error message displays the correct region to create your S3 bucket. After you determine the region, repeat the steps to create the self storage location.

I received an error when testing the self storage location

When I attempted to create a new self storage location, the following error occurred when I clicked the Test button:

 Unable to verify the region of your S3 bucket, unable to get bucket_region to verify. An error occurred (403) when calling the Headbucket operation: Forbidden. Contact Splunk Support. 

Diagnosis

You might get an error for the following reasons:

• You modified the permissions on the bucket policy.
• You pasted the bucket policy into the incorrect Amazon S3 bucket.
• You did not paste the bucket policy to the Amazon S3 bucket, or you did not save the changes.
• An error occurred during provisioning.

Solution

1. Ensure that you did not modify the S3 bucket permissions. The following actions must be allowed: s3:PutObject, s3:GetObject, s3:ListBucket, s3:ListBucketVersions, s3:GetBucketLocation.
2. Verify that you applied the bucket policy to the correct S3 bucket, and that you saved your changes.
3. If you created the S3 bucket in the correct region, the permissions are correct and you applied and saved the bucket policy to the correct S3 bucket, contact Splunk Support to further troubleshoot the issue.

To review the steps to create the S3 bucket, see Configure self storage in Amazon S3 in this topic.

To review how to apply a bucket policy, see the Amazon AWS S3 documentation and search for "how do I add an S3 bucket policy?".

I'm using Splunk Cloud Platform for a US government entity, and received an error message that the bucket couldn't be found.

I received the following error message:

Cannot find the bucket '{bucket_name}', ensure that the bucket is created in the '{region_name} region.

Diagnosis

For security reasons, S3 bucket names aren't global for US government entities using Splunk Cloud Platform because Splunk can only verify the region of the stack. Buckets with the same name can exist in the available AWS regions that Splunk Cloud Platform supports. For more information, see the Available regions section in the Splunk Cloud Platform Service Description. For more information about AWS GovCloud (US), see the AWS GovCloud (US) website and the AWS GovCloud (US) User Guide.

Solution

If buckets that share the same name must exist in both regions, add the missing bucket to the appropriate region.