S3 Bucket Does Not Have Server Access Logging Enabled
Overview
Check whether server access logging is enabled for each S3 bucket. Server access logs support security assessments, access audits, customer insights, and understanding Amazon S3 billing. Note that CloudTrail data events can substitute for S3 server access logging; in that case this finding may be a false positive.
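The check described above, including the CloudTrail false-positive case, as an added example that is not part of the original rule. It evaluates response dictionaries shaped like those returned by boto3's `get_bucket_logging` and `get_event_selectors`; the sample data, the bucket names, the verdict strings, and the choice to accept only read+write (`All`) data events as a substitute are assumptions of this example, and advanced event selectors are not handled.

```python
# Added example: all sample responses below are constructed, not real output.

def access_logging_enabled(bucket_logging):
    """bucket_logging: response of s3.get_bucket_logging(Bucket=name)."""
    # The "LoggingEnabled" element is present only when a target bucket is set.
    target = bucket_logging.get("LoggingEnabled") or {}
    return bool(target.get("TargetBucket"))

def covered_by_cloudtrail(bucket, event_selectors):
    """event_selectors: "EventSelectors" list from cloudtrail.get_event_selectors()."""
    whole_bucket = f"arn:aws:s3:::{bucket}/"  # empty object prefix = every object
    for selector in event_selectors:
        # Assumption of this example: only read+write coverage is a substitute.
        if selector.get("ReadWriteType", "All") != "All":
            continue
        for resource in selector.get("DataResources", []):
            if resource.get("Type") != "AWS::S3::Object":
                continue
            # "arn:aws:s3" selects objects in all buckets in the account.
            values = resource.get("Values", [])
            if any(v in ("arn:aws:s3", whole_bucket) for v in values):
                return True
    return False

def evaluate(bucket, bucket_logging, event_selectors):
    """Return PASS, FALSE_POSITIVE (CloudTrail covers it) or FINDING."""
    if access_logging_enabled(bucket_logging):
        return "PASS"
    if covered_by_cloudtrail(bucket, event_selectors):
        return "FALSE_POSITIVE"
    return "FINDING"

# Constructed sample data.
LOGGED = {"LoggingEnabled": {"TargetBucket": "example-log-bucket",
                             "TargetPrefix": "s3/"}}
NOT_LOGGED = {"ResponseMetadata": {}}  # no LoggingEnabled element
TRAIL_ONE_BUCKET = [{"ReadWriteType": "All", "DataResources": [
    {"Type": "AWS::S3::Object", "Values": ["arn:aws:s3:::example-data/"]}]}]
TRAIL_WRITE_ONLY = [{"ReadWriteType": "WriteOnly", "DataResources": [
    {"Type": "AWS::S3::Object", "Values": ["arn:aws:s3"]}]}]

if __name__ == "__main__":
    print(evaluate("example-data", LOGGED, []))
    print(evaluate("example-data", NOT_LOGGED, TRAIL_ONE_BUCKET))
    print(evaluate("example-other", NOT_LOGGED, TRAIL_ONE_BUCKET))
    print(evaluate("example-data", NOT_LOGGED, TRAIL_WRITE_ONLY))
```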
Vendor
AWS
Cloud Service
S3
Related Controls
S3.9
References
https://docs.aws.amazon.com/AmazonS3/latest/dev/security-best-practices.html
Severity
3
Item Types
AWS::S3::Bucket