td-agentがamazon linux 2でapacheのログ収集ができない

amazon linux2にtd-agentをインストールして、apacheのログファイルを収集しようとしたところ、permissionの問題でできませんでした。

td-agentのデーモンをinit.dで動かす場合の解決策はみつかるのですが、systemdで動かす場合どの設定ファイルの変更が必要でしょうか？

環境

• amazon linux2はmacのvirtualboxにvagrantでインストールしています。
• virtual box: 5.2.16 r123759
• vagrant: Vagrant 2.1.2

1 apacheとtd-agentをansibleでインストール

# ansible/playbook.yml
# install apache
- name: install httpd (apache)
  become: yes
  yum:
    name: httpd
    state: present 

# install td-agent
 - name: install td-agent
    raw: "curl -L https://toolbelt.treasuredata.com/sh/install-amazon2- td-agent3.sh | sh"

- name: upload etc/td-agent/td-agent.conf
  become: yes
  copy: src=../etc/td-agent/td-agent.conf
        dest=/etc/td-agent/td-agent.conf
        directory_mode=yes

--

# /etc/td-agent/td-agent.conf
<source>
 type tail
 format apache
 path /var/log/httpd/access_log
 tag apache.access_log
 pos_file /var/log/td-agent/access_log.pos
</source>

<source>
 type tail
 format apache
 path /var/log/httpd/error_log
 tag apache.error_log
 pos_file /var/log/td-agent/error_log.pos
</source>

<match apache.**>
 type forward
 <server>
  name jobq01
  host 52.68.22.100
  port 24224
 </server>
</match>

2. apache起動

   $ sudo systemctl start httpd

3. chromeでvagrantのipにアクセスしapacheが起動していることを確認

4. td-agentの起動を確認

--

$ sudo systemctl start td-agent.service
$ sudo systemctl status td-agent.service
● td-agent.service - td-agent: Fluentd based data collector for Treasure Data
   Loaded: loaded (/usr/lib/systemd/system/td-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since 月 2018-08-06 05:24:22 UTC; 1min 1s ago
     Docs: https://docs.treasuredata.com/articles/td-agent
  Process: 5532 ExecStart=/opt/td-agent/embedded/bin/fluentd --log /var/log/td-agent/td-agent.log --daemon /var/run/td-agent/td-agent.pid $TD_AGENT_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 5537 (fluentd)
   CGroup: /system.slice/td-agent.service
           └─5537 /opt/td-agent/embedded/bin/ruby /opt/td-agent/embedded/bin/fluentd --log /var/log/td-agent/td-agent.log --daemon /var/run/td-agent/td-agent.pid

 8月 06 05:24:21 localhost systemd[1]: Starting td-agent: Fluentd based data collector for Treasure Data...
 8月 06 05:24:22 localhost systemd[1]: Started td-agent: Fluentd based data collector for Treasure Data.