Logstash output would not work for me without s3:deleteObject permission although as I understand, only the s3:putObject permission is required for the plugin to work properly. Without the s3:deleteObject an xml file appeared in my s3 bucket, named logstash-programmatic-access-test-object with the date also in the title. It contained the following:
Could this possibly be a bug in the plugin? Or have I misunderstood something? Thanks!