Quick Info
| Plugin Title | S3 Bucket Logging |
| Cloud | AWS |
| Category | S3 |
| Description | Ensures S3 bucket logging is enabled for S3 buckets |
| More Info | S3 bucket logging helps maintain an audit trail of access that can be used in the event of a security incident. |
| AWS Link | http://docs.aws.amazon.com/AmazonS3/latest/dev/Logging.html |
| Recommended Action | Enable bucket logging for each S3 bucket. |
Detailed Remediation Steps
- Log into the AWS Management Console.
- Select the “Services” option and search for S3.
- Scroll down the left navigation panel and choose “Buckets”.
- Select the “Bucket” that needs to be verified and click on its identifier(name) from the “Bucket name” column.
- Click on the “Properties” tab on the top menu.
- Check the “Server access logging” option under “Properties” and if it’s set to “Disable logging” then S3 bucket logging is not enabled for the selected S3 bucket.
- Repeat steps number 2 - 6 to verify other S3 buckets in the region.
- Select the “S3 bucket” on which “Logging” needs to be enabled and click on the “Properties” tab.
- Click on the “Enable logging” option under “Server access logging” and choose the “Target bucket” from the dropdown menu for storing the logs and provide a unique name under “Target prefix” for the subdirectory where S3 logs will be stored.
- Click on the “Save” button to make the necessary changes.
- Repeat steps number 8 - 10 to enable “Logging” for other S3 buckets.