This rule ensures that logging is enabled for S3 buckets, promoting better security and compliance.
Rule | S3 bucket logging should be enabled |
Framework | RBI Cyber Security Framework |
Severity | ✔ Low |
Rule Description
The rule requires enabling S3 bucket logging for compliance with the RBI Cyber Security Framework. Enabling logging allows you to track activity and access to your S3 buckets, providing an audit trail for security and compliance purposes.
Troubleshooting Steps (if applicable)
Troubleshooting steps can help resolve any issues encountered during the process. Here are some common troubleshooting steps:
Ensure S3 bucket permissions: Check that the IAM user or role used to enable logging has appropriate permissions (e.g., s3:PutBucketLogging and s3:GetBucketLogging) to modify the bucket's logging configuration.
Verify bucket name and region: Make sure you are specifying the correct bucket name and the bucket is in the desired region.
Check bucket policy: Confirm that the bucket policy does not restrict logging configurations. If there are any conflicting policies, adjust them accordingly.
Validate logging destination: Verify the target logging destination, such as another S3 bucket or AWS CloudTrail, is correctly configured and accessible.
Necessary Code (if applicable)
The following snippets enable S3 bucket logging:
AWS CLI Command
aws s3api put-bucket-logging --bucket <bucket-name> --bucket-logging-status '{"LoggingEnabled":{"TargetBucket":"<target-bucket-name>","TargetPrefix":"logs/"}}'
Note: Replace <bucket-name> with the name of your S3 bucket and <target-bucket-name> with the name of the bucket where you want to store the logs.
AWS SDK (Python)
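import boto3

# Uses the default credential chain; the caller needs s3:PutBucketLogging.
s3_client = boto3.client('s3')

# Deliver server access logs for <bucket-name> to <target-bucket-name> under logs/.
response = s3_client.put_bucket_logging(
    Bucket='<bucket-name>',
    BucketLoggingStatus={
        'LoggingEnabled': {
            'TargetBucket': '<target-bucket-name>',
            'TargetPrefix': 'logs/'
        }
    }
)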
Note: Replace <bucket-name> with the name of your S3 bucket and <target-bucket-name> with the name of the bucket where you want to store the logs.
Remediation Steps
Follow the step-by-step guide below to enable S3 bucket logging for compliance with the RBI Cyber Security Framework:
Open the AWS Management Console and navigate to the S3 service.
Locate the S3 bucket for which you want to enable logging and select it.
Click on the "Properties" tab.
Scroll down and find the "Server access logging" section.
Click the "Edit" button.
In the "Target Bucket" field, enter the name of the bucket where you want to store the logs.
Optionally, specify a "Target Prefix" to organize the logs within the target bucket.
Click the "Save" button to enable S3 bucket logging.
Verify that logging has been enabled by checking if the target bucket receives the logs.
Repeat the above steps for any other S3 buckets that need logging enabled.
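To verify the result across an account rather than one bucket at a time, the following added example (not part of the original page) audits every bucket using the boto3 S3 client calls list_buckets, get_bucket_logging and head_bucket, and also covers the troubleshooting cases above: missing s3:GetBucketLogging permission and an unreachable target bucket. The names check_bucket, audit and StubS3, and all bucket names, are assumptions constructed for illustration; pass boto3.client('s3') to audit() to run it against a real account.

```python
# Added example, not from the original page; StubS3 and its bucket names are constructed.

def check_bucket(s3, bucket):
    """Return (status, detail) for one bucket's server access logging setup."""
    try:
        cfg = s3.get_bucket_logging(Bucket=bucket).get("LoggingEnabled")
    except Exception as exc:  # botocore.exceptions.ClientError with a real client
        return "UNKNOWN", f"cannot read logging configuration: {exc}"
    if not cfg:
        return "NON_COMPLIANT", "server access logging is disabled"
    target = cfg["TargetBucket"]
    if target == bucket:
        return "WARN", "bucket logs to itself, so each log delivery is logged again"
    try:
        s3.head_bucket(Bucket=target)  # raises if the target is missing or denied
    except Exception as exc:
        return "WARN", f"target bucket {target} is not reachable: {exc}"
    return "COMPLIANT", f"s3://{target}/{cfg.get('TargetPrefix', '')}"


def audit(s3):  # checks every bucket the caller can list
    return {b["Name"]: check_bucket(s3, b["Name"]) for b in s3.list_buckets()["Buckets"]}


class StubS3:
    """Constructed stand-in for boto3.client('s3') so the example runs offline."""
    LOGGING = {
        "app-data": {"LoggingEnabled": {"TargetBucket": "audit-logs", "TargetPrefix": "app-data/"}},
        "uploads": {},  # logging never enabled
        "audit-logs": {"LoggingEnabled": {"TargetBucket": "audit-logs", "TargetPrefix": "self/"}},
        "legacy": {"LoggingEnabled": {"TargetBucket": "old-logs", "TargetPrefix": ""}},
    }

    def list_buckets(self):
        return {"Buckets": [{"Name": n} for n in [*self.LOGGING, "locked"]]}

    def get_bucket_logging(self, Bucket):
        if Bucket == "locked":  # caller lacks s3:GetBucketLogging
            raise PermissionError("AccessDenied on s3:GetBucketLogging")
        return self.LOGGING[Bucket]

    def head_bucket(self, Bucket):
        if Bucket not in self.LOGGING:  # target bucket was deleted
            raise LookupError("404 Not Found")


if __name__ == "__main__":
    for name, (status, detail) in audit(StubS3()).items():
        print(f"{status:14}{name:12}{detail}")
```

Buckets reported as UNKNOWN usually point back to the permissions step in the troubleshooting list, and WARN entries to the logging destination step.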
Conclusion
Enabling S3 bucket logging is crucial for meeting the requirements of the RBI Cyber Security Framework. By following the troubleshooting steps (if needed) and using the provided AWS CLI commands or SDK for code implementation, you can ensure that your S3 buckets have logging enabled. Regularly review the logs stored in the target bucket to maintain visibility and compliance.