AWS-S3-S3-Bucket-Logging

Severity: High

Description: Checks for S3 buckets that do not have access logging turned on. Access logging gives customers a complete audit trail for sensitive workloads such as S3 buckets. It is recommended that access logging be turned on for all S3 buckets to meet audit and compliance requirements.

Remediation Steps:

Perform the following to enable logging on an S3 bucket:

  1. Login to the AWS Console at https://console.aws.amazon.com and navigate to the 'S3' service.

  2. Click on the S3 bucket that was reported.

  3. Click on the Properties tab.

  4. Under the Server access logging section, select Enable logging.

  5. Set Target Bucket to receive the log record objects. Set Target Prefix (Optional).

  6. Choose save.
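
The same check and remediation expressed against the S3 API, as an added example that is not part of the original page or of the product it documents. The functions use the boto3 S3 client methods `list_buckets`, `get_bucket_logging` and `put_bucket_logging`; the bucket names, the per-bucket prefix scheme and the `StubS3` stand-in are constructed for illustration, and the target bucket is assumed to exist already and to accept log delivery. Refusing a bucket that logs to itself is a choice made in this example, since such a bucket would also log the delivery of its own logs.

```python
def buckets_without_logging(s3):
    """Return bucket names whose logging status lacks a LoggingEnabled block."""
    return [b["Name"] for b in s3.list_buckets().get("Buckets", [])
            if "LoggingEnabled" not in s3.get_bucket_logging(Bucket=b["Name"])]


def enable_logging(s3, bucket, target_bucket, target_prefix=""):
    """API equivalent of console steps 4-6; returns the status document sent."""
    if bucket == target_bucket:
        # A bucket that logs to itself also logs the delivery of its own logs.
        raise ValueError("target bucket must differ from the source bucket")
    status = {"LoggingEnabled": {"TargetBucket": target_bucket,
                                 "TargetPrefix": target_prefix}}
    s3.put_bucket_logging(Bucket=bucket, BucketLoggingStatus=status)
    return status


def remediate(s3, target_bucket):
    """Enable logging on every reported bucket except the log target itself."""
    fixed = []
    for name in buckets_without_logging(s3):
        if name != target_bucket:
            enable_logging(s3, name, target_bucket, target_prefix=name + "/")
            fixed.append(name)
    return fixed


class StubS3:
    """Constructed stand-in for boto3.client("s3") so the example runs offline."""
    def __init__(self, logging_by_bucket):
        self.state = dict(logging_by_bucket)
    def list_buckets(self):
        return {"Buckets": [{"Name": n} for n in sorted(self.state)]}
    def get_bucket_logging(self, Bucket):
        return dict(self.state[Bucket])
    def put_bucket_logging(self, Bucket, BucketLoggingStatus):
        self.state[Bucket] = dict(BucketLoggingStatus)


def sample_account():
    """Constructed account: one finding, one compliant bucket, one log bucket."""
    return StubS3({
        "example-app-data": {},
        "example-billing": {"LoggingEnabled": {
            "TargetBucket": "example-access-logs", "TargetPrefix": "billing/"}},
        "example-access-logs": {},
    })


if __name__ == "__main__":
    s3 = sample_account()  # pass boto3.client("s3") here to audit a real account
    print("before:", buckets_without_logging(s3))
    print("fixed: ", remediate(s3, "example-access-logs"))
    print("after: ", buckets_without_logging(s3))
```

The log target bucket itself remains reported after remediation, because it has no access logging of its own; give it a separate target if the check must pass for every bucket.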

Important:

Reference:

Blue Hexagon Proprietary