...
Remediation Steps:
Perform following to disable public access to cloud trail bucket update cloudtrail server access logging :
Login to the AWS Management Console at https://console.aws.amazon.com
Navigate to S3 service.
Click on S3 bucket reported to enable server access logging.
Click on the Properties tab.
Choose Server access logging.
Choose Enable Logging. For Target, choose the name of the bucket that you want to receive the log record objects.
Optionally, For Target prefix, type a key name prefix for log objects, so that all the log objects begin with the same string.
Choose Save.
...