Control: Ensure that Object-level logging for read events is enabled for S3 bucket
Description
This control checks that object-level logging for read events is enabled for S3 buckets. Object-level logging for read events helps identify the requester who performed a read operation on objects in the bucket.
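The decision behind this check, sketched as an added example (it is not the named query this control uses, nor Powerpipe code). It assumes classic CloudTrail event selectors in the shape returned by the GetEventSelectors API; advanced event selectors are not handled, and the function names and bucket names are constructed for illustration.

```python
# Added example: evaluates classic CloudTrail event selectors only.
# "arn:aws:s3" is the DataResources value that covers every bucket in the account.
ALL_BUCKETS = "arn:aws:s3"

def bucket_read_events_logged(bucket, event_selectors):
    """True if some selector records object-level read events for the whole bucket."""
    whole_bucket = f"arn:aws:s3:::{bucket}/"  # trailing slash = empty object prefix
    for sel in event_selectors:
        # ReadWriteType defaults to "All" when omitted; "WriteOnly" misses reads.
        if sel.get("ReadWriteType", "All") not in ("ReadOnly", "All"):
            continue
        for res in sel.get("DataResources", []):
            if res.get("Type") != "AWS::S3::Object":
                continue  # e.g. Lambda data events
            if any(v in (ALL_BUCKETS, whole_bucket) for v in res.get("Values", [])):
                return True
    return False

def audit(buckets, event_selectors):
    """Map each bucket name to 'ok' or 'alarm'."""
    return {b: "ok" if bucket_read_events_logged(b, event_selectors) else "alarm"
            for b in buckets}

# Constructed sample: one trail's selectors and four hypothetical buckets.
SAMPLE_SELECTORS = [
    {"ReadWriteType": "WriteOnly", "IncludeManagementEvents": True,
     "DataResources": [{"Type": "AWS::S3::Object",
                        "Values": ["arn:aws:s3:::example-uploads/"]}]},
    {"ReadWriteType": "ReadOnly", "IncludeManagementEvents": False,
     "DataResources": [{"Type": "AWS::S3::Object",
                        "Values": ["arn:aws:s3:::example-reports/",
                                   "arn:aws:s3:::example-archive/2023/"]}]},
    {"ReadWriteType": "All", "IncludeManagementEvents": False,
     "DataResources": [{"Type": "AWS::Lambda::Function",
                        "Values": ["arn:aws:lambda"]}]},
]
SAMPLE_BUCKETS = ["example-uploads", "example-reports",
                  "example-archive", "example-unlisted"]

if __name__ == "__main__":
    for name, status in audit(SAMPLE_BUCKETS, SAMPLE_SELECTORS).items():
        print(f"{status:5}  {name}")
```

In the sample, a bucket logged only for writes and a bucket logged only under a key prefix both alarm, because reads outside that coverage would leave no requester record.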
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.cloudtrail_s3_object_read_events_audit_enabled
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run aws_compliance.control.cloudtrail_s3_object_read_events_audit_enabled --share
SQL
This control uses a named query:
cloudtrail_s3_object_read_events_audit_enabled