CloudTrail Trails Do Not Send Logs To Centralized S3 Bucket

Overview

This check verifies that one of the AWS CloudTrail trails in this account is configured to send logs to a specified centralized S3 bucket. Centralizing CloudTrail logs is essential for security, troubleshooting, and auditing across your AWS environment.
This check automatically passes for an organization trail.

Action Required:

Please provide additional check configuration. Input the name of your CloudTrail log S3 bucket (or buckets) for verification. This is required to ensure that all trails, whether part of an organization trail or not, correctly direct logs to these centralized buckets.

Vendor

AWS

Cloud Service

CloudTrail

Input

{"logBuckets":{"label":"S3 Buckets for CloudTrail Logs","value":[],"type":"string[]","helpText":"Add the S3 buckets that are used to store CloudTrail logs"}}
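The pass/fail logic described in the Overview can be sketched as follows. This is an added example, not the vendor's own check code. It assumes trail records in the shape of the CloudTrail DescribeTrails `trailList` (`Name`, `S3BucketName`, `IsOrganizationTrail`). The bucket names, trail names and the `NEEDS_CONFIG` status are constructed for illustration.

```python
import json

# Check input in the shape shown under "Input"; the bucket name is constructed.
CHECK_INPUT = json.loads(
    '{"logBuckets": {"value": ["example-central-cloudtrail-logs"], "type": "string[]"}}'
)

# Constructed sample in the shape of the DescribeTrails "trailList".
SAMPLE_TRAILS = [
    {"Name": "app-trail", "S3BucketName": "example-team-bucket",
     "IsOrganizationTrail": False},
    {"Name": "audit-trail", "S3BucketName": "example-central-cloudtrail-logs",
     "IsOrganizationTrail": False},
]


def evaluate_account(trails, log_buckets):
    """Return (status, detail) for one account.

    PASS if any trail is an organization trail, or if at least one trail
    delivers to a configured central bucket. NEEDS_CONFIG (hypothetical
    status) if no bucket list was supplied and no organization trail exists.
    """
    org = [t["Name"] for t in trails if t.get("IsOrganizationTrail")]
    if org:
        return "PASS", f"organization trail present: {org[0]}"

    allowed = {b.strip() for b in log_buckets if b and b.strip()}
    if not allowed:
        return "NEEDS_CONFIG", "logBuckets is empty; supply the central bucket names"

    central = [t["Name"] for t in trails if t.get("S3BucketName") in allowed]
    # Trails writing elsewhere are reported so they can be reviewed or redirected.
    stray = sorted(
        f'{t["Name"]} -> {t.get("S3BucketName")}'
        for t in trails if t.get("S3BucketName") not in allowed
    )
    if central:
        note = f"; other destinations: {', '.join(stray)}" if stray else ""
        return "PASS", f"central delivery via {', '.join(central)}{note}"
    if not trails:
        return "FAIL", "no trails found in account"
    return "FAIL", f"no trail delivers to a central bucket: {', '.join(stray)}"


if __name__ == "__main__":
    print(evaluate_account(SAMPLE_TRAILS, CHECK_INPUT["logBuckets"]["value"]))
```
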

CSMM v1 LOG-03.1

References

Severity

1

Item Types

Custom::AWS::Account

AWS::CloudTrail::Trail