Ensure Object-Level Logging for Write Events Rule

This rule ensures that object-level logging for write events is enabled for the S3 bucket.

Rule: Ensure that Object-level logging for write events is enabled for S3 bucket
Framework: cis_v140
Severity: High

Rule Description:

This rule/policy ensures that Object-level logging for write events is enabled for an S3 bucket named "cis_v140". Enabling object-level logging for write events allows for the tracking and analysis of all write operations performed on objects within the S3 bucket. This is crucial for enhancing the security and auditability of the bucket, as it enables monitoring and detection of any unauthorized or suspicious write activities.

Troubleshooting Steps:

Troubleshooting steps are not required for this rule. It is either enabled or not enabled.

Necessary Code:

There is no code provided for this rule.

Step-by-Step Guide for Remediation:

To ensure that Object-level logging for write events is enabled for the "cis_v140" S3 bucket, follow the step-by-step guide below:

  1. Open the AWS Management Console and navigate to the S3 service.

  2. In the S3 Dashboard, search for the "cis_v140" bucket in the list of available buckets and select it.

  3. Click on the "Properties" tab located at the top of the page.

  4. Scroll down to the "Server access logging" section. If object-level logging for write events is already enabled, no further action is needed.

  5. If object-level logging for write events is not enabled, click on the "Edit" button on the right-hand side.

  6. In the Edit Server Access Logging dialog box, ensure that the "Enable logging" option is checked.

  7. Select a target bucket in which log files will be stored. It is recommended to choose a separate bucket from the source bucket for better security and accessibility.

  8. Optionally, define a prefix for the log files to distinguish them from other logs.

  9. Click on the "Save" button to save the changes.

  10. Verify that object-level logging for write events is enabled by checking the "Properties" tab again. It should now display the target bucket and the log file prefix if specified.

By following these steps, you can ensure that Object-level logging for write events is enabled for the "cis_v140" S3 bucket in AWS. This provides an extra layer of security and auditability by tracking and analyzing all write operations performed on objects within the bucket.
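
The verification in steps 4, 7, 8 and 10 can also be done on the logging configuration itself rather than in the console. The following is an added example, not code from the original page: it evaluates responses shaped like the S3 GetBucketLogging output (what `aws s3api get-bucket-logging` prints) and flags disabled logging, a target bucket that is the source bucket, a missing prefix, and buckets whose logs land in the same location. The bucket names and the `check_bucket` and `audit` helpers are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample data shaped like S3 GetBucketLogging responses.
# Bucket names are made up for this example.
SAMPLE_RESPONSES = {
    "app-data": {"LoggingEnabled": {"TargetBucket": "central-logs", "TargetPrefix": "app-data/"}},
    "uploads": {"LoggingEnabled": {"TargetBucket": "central-logs", "TargetPrefix": ""}},
    "reports": {"LoggingEnabled": {"TargetBucket": "central-logs", "TargetPrefix": ""}},
    "scratch": {"LoggingEnabled": {"TargetBucket": "scratch", "TargetPrefix": "logs/"}},
    "legacy": {},  # no LoggingEnabled key: server access logging is off
}


def check_bucket(bucket, response):
    """Return findings for one bucket, following steps 4, 7 and 8."""
    cfg = response.get("LoggingEnabled")
    if not cfg or not cfg.get("TargetBucket"):
        return ["FAIL: logging not enabled"]
    findings = []
    if cfg["TargetBucket"] == bucket:
        # Step 7 recommends a target bucket separate from the source bucket.
        findings.append("WARN: target bucket is the source bucket")
    if not cfg.get("TargetPrefix"):
        # Step 8 is optional, so a missing prefix is informational only.
        findings.append("INFO: no log prefix set")
    return findings


def audit(responses):
    """Check every bucket, then flag buckets whose logs land in the same place."""
    results = {name: check_bucket(name, resp) for name, resp in responses.items()}
    destinations = defaultdict(list)
    for name, resp in responses.items():
        cfg = resp.get("LoggingEnabled")
        if cfg and cfg.get("TargetBucket"):
            destinations[(cfg["TargetBucket"], cfg.get("TargetPrefix", ""))].append(name)
    for (target, prefix), sources in destinations.items():
        if len(sources) > 1:  # same bucket and prefix: logs cannot be told apart
            for name in sources:
                others = ", ".join(s for s in sorted(sources) if s != name)
                results[name].append(f"WARN: shares s3://{target}/{prefix} with {others}")
    return results


if __name__ == "__main__":
    for bucket, findings in audit(SAMPLE_RESPONSES).items():
        print(bucket, findings or ["OK"])
```

An empty findings list means the bucket has logging enabled with a separate target bucket and its own prefix.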
