As you can see, we're applying a logging configuration which points to the S3 bucket we've created. We're configuring this load balancer to be Internet-facing, with an idle timeout of 60 seconds (the default).
All load balancers are Internet-facing by default, so it's not strictly necessary to define a Scheme in our example; however, it can be handy to include this anyway. This is especially the case if your CloudFormation template contains a mix of public and private load balancers.
If you specify a logging configuration but the load balancer can't access the S3 bucket, your CloudFormation stack will fail to complete.
Private ELBs are not Internet-facing and are available only to resources which live inside your VPC.
That's it! You now have a working application load balancer configured to ship logs to an S3 bucket.