Ensure that S3 server access logging is enabled

Server access logging provides detailed records for the requests that are made to a bucket. Server access logs are useful for many applications. For example, access log information can be useful in security and access audits. It can also help you learn about your customer base and understand your Amazon S3 bill.

Risk Level: Low
Cloud Entity: Simple Storage Service (S3)
CloudGuard Rule ID: D9.CFT.LOG.04
Covered by Spectral: Yes
Category: Storage

GSL LOGIC

AWS_S3_Bucket where AccessControl!='LogDeliveryWrite' should have LoggingConfiguration

REMEDIATION

From CFT
Set the LoggingConfiguration property of the AWS::S3::Bucket resource, with appropriate values for DestinationBucketName and LogFilePrefix.
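
The following is an added example, not CloudGuard's own code: a small Python check that applies the GSL logic above to a CloudFormation template in JSON form. The embedded template and its resource names are constructed for illustration, and treating "should have" as "present and non-empty" is an assumption.

```python
import json

# Constructed sample template (JSON form of a CloudFormation template).
TEMPLATE = json.loads("""
{
  "Resources": {
    "LogBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"AccessControl": "LogDeliveryWrite"}
    },
    "DataBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "LoggingConfiguration": {
          "DestinationBucketName": {"Ref": "LogBucket"},
          "LogFilePrefix": "data-bucket/"
        }
      }
    },
    "UnloggedBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {"BucketName": "example-unlogged"}
    },
    "BareBucket": {"Type": "AWS::S3::Bucket"},
    "Topic": {"Type": "AWS::SNS::Topic"}
  }
}
""")


def buckets_missing_logging(template):
    """Return the logical IDs of buckets that fail the rule, sorted."""
    failing = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != "AWS::S3::Bucket":
            continue
        props = resource.get("Properties") or {}  # Properties is optional
        # Buckets with the LogDeliveryWrite ACL are log targets: exempt.
        if props.get("AccessControl") == "LogDeliveryWrite":
            continue
        # Assumption: "should have" means present and non-empty.
        if not props.get("LoggingConfiguration"):
            failing.append(logical_id)
    return sorted(failing)


if __name__ == "__main__":
    for name in buckets_missing_logging(TEMPLATE):
        print(f"FAIL D9.CFT.LOG.04: {name} has no LoggingConfiguration")
```

DataBucket shows the remediated form; LogBucket passes only because of the rule's LogDeliveryWrite exemption.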

References

  1. https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html
  2. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-loggingconfig.html

Simple Storage Service (S3)

Companies today need the ability to simply and securely collect, store, and analyze their data at a massive scale. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere: web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It is designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every indu

Compliance Frameworks

  • AWS CloudFormation ruleset