Severity: HighCritical
Description: This policy identifies publicly accessible S3 buckets that store CloudTrail data. These buckets contains sensitive audit data and only authorized users and applications should have access.
...
Make sure updating Access Control List or Bucket Policy does not affect S3 bucket data access.
Reference: