Aqua CSPM

S3 Bucket Logging

Quick Info

Plugin TitleS3 Bucket Logging
CloudAWS
CategoryS3
DescriptionEnsures S3 bucket logging is enabled for S3 buckets
More InfoS3 bucket logging helps maintain an audit trail of access that can be used in the event of a security incident.
AWS Linkhttp://docs.aws.amazon.com/AmazonS3/latest/dev/Logging.html
Recommended ActionEnable bucket logging for each S3 bucket.

Detailed Remediation Steps

  1. Log into the AWS Management Console.
  2. Select the “Services” option and search for S3.
  3. Scroll down the left navigation panel and choose “Buckets”.
  4. Select the “Bucket” that needs to be verified and click on its identifier(name) from the “Bucket name” column.
  5. Click on the “Properties” tab on the top menu.
  6. Check the “Server access logging” option under “Properties” and if it’s set to “Disable logging” then S3 bucket logging is not enabled for the selected S3 bucket.
  7. Repeat steps number 2 - 6 to verify other S3 buckets in the region.
  8. Select the “S3 bucket” on which “Logging” needs to be enabled and click on the “Properties” tab.
  9. Click on the “Enable logging” option under “Server access logging” and choose the “Target bucket” from the dropdown menu for storing the logs and provide a unique name under “Target prefix” for the subdirectory where S3 logs will be stored.
  10. Click on the “Save” button to make the necessary changes.
  11. Repeat steps number 8 - 10 to enable “Logging” for other S3 buckets.