S3 Bucket Server Access Logging Should Be Enabled

It's recommended that users enable bucket access logging on the S3 bucket storing CloudTrail log data. Server access logging records the access requests made to that bucket, which provides additional security and lets you build better security and incident response workflows.

Here is what you need to know about bucket server access logging and how to enable it.

By turning on logging on all your buckets, you ensure that all changes are logged and trackable. This gives you valuable data and a concrete trail of information, and lets you react better in the case of an incident or problem.

To enable the GSL logic, enter the following rule:

S3Bucket should have logging.enabled=true

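For remediation, ensure that logging is turned on. In Terraform:

resource "aws_s3_bucket" "test" {
  bucket = "my-tf-test-bucket"
  acl    = "private"

  tags = {
    Name        = "My bucket"
    Environment = "Dev"
  }

  # Remediation: add this block to turn on server access logging.
  # AWS provider v4 and later configure this with the separate
  # aws_s3_bucket_logging resource instead of an inline block.
  logging {
    target_bucket = "logs"
  }
}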

For reference, see the AWS documentation: http://docs.aws.amazon.com/AmazonS3/latest/user-guide/server-access-logging.html

For auto-remediation using CloudBots: cloudbot_name: s3_enable_logging

This bot turns on server access logging. The target bucket needs to be in the same region as the bucket being remediated, or else a CrossLocationLoggingProhibited error is thrown. The bot will also create a bucket that it will log to. Usage: s3_enable_logging

There are no limitations attached to doing so.
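
The rule and the same-region requirement described above can be checked before remediation runs. The following is an added example, not CloudBots or MatosSphere code: it evaluates bucket data shaped like boto3 get_bucket_logging and get_bucket_location responses and picks a same-region log target for each failing bucket. All bucket names and the function names are constructed for illustration.

```python
# Added example. INVENTORY and LOG_TARGETS are constructed sample data shaped
# like boto3 get_bucket_location / get_bucket_logging responses.

def normalize_region(location_constraint):
    """Map a GetBucketLocation LocationConstraint to a region name."""
    if location_constraint is None:   # us-east-1 is reported as null
        return "us-east-1"
    if location_constraint == "EU":   # legacy alias for eu-west-1
        return "eu-west-1"
    return location_constraint

def logging_enabled(logging_response):
    """True when a GetBucketLogging response names a target bucket."""
    return bool(logging_response.get("LoggingEnabled", {}).get("TargetBucket"))

def plan_remediation(inventory, log_targets):
    """Return {bucket: target_or_None} for every bucket failing the rule.

    None means no log bucket exists in the same region, so one has to be
    created first; a cross-region target would be rejected by S3 with
    CrossLocationLoggingProhibited.
    """
    targets_by_region = {}
    for name, constraint in log_targets.items():
        targets_by_region.setdefault(normalize_region(constraint), []).append(name)

    plan = {}
    for name, bucket in inventory.items():
        if logging_enabled(bucket["logging"]):
            continue  # passes "S3Bucket should have logging.enabled=true"
        region = normalize_region(bucket["location"])
        candidates = sorted(targets_by_region.get(region, []))
        plan[name] = candidates[0] if candidates else None
    return plan

INVENTORY = {  # constructed
    "cloudtrail-logs-prod": {"location": None, "logging": {}},
    "app-assets-eu": {"location": "EU", "logging": {}},
    "billing-exports": {"location": "us-west-2", "logging": {
        "LoggingEnabled": {"TargetBucket": "access-logs-usw2",
                           "TargetPrefix": "billing/"}}},
    "analytics-ap": {"location": "ap-southeast-1", "logging": {}},
}
LOG_TARGETS = {  # constructed: log bucket name -> LocationConstraint
    "access-logs-use1": None,
    "access-logs-euw1": "eu-west-1",
    "access-logs-usw2": "us-west-2",
}

if __name__ == "__main__":
    for bucket, target in plan_remediation(INVENTORY, LOG_TARGETS).items():
        print(bucket, "->", target or "create a log bucket in the same region")
```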

For Simple Storage Service (S3), this can be a process. However, it's a simple fact of the market that today's companies need to be capable of securely collecting, storing, and analyzing the data that they collect from a wide variety of sources, including websites, mobile apps, corporate applications, and data from IoT sensors or devices.

Simple Storage Service, otherwise known by the abbreviation S3, is designed to deliver 99.999% durability, and it can store data generated by millions of different applications used across the market today. S3 solutions are currently used by market leaders in every industry, making them an invaluable tool to anyone looking for a solution.
