Control: Ensure that Object-level logging for write events is enabled for S3 bucket
Description
This rule enables object-level logging for write events for S3 buckets. Object-level logging for write events helps in identifying the requestor who performed the write operation on the S3 bucket objects.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.cloudtrail_s3_object_write_events_audit_enabled
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.cloudtrail_s3_object_write_events_audit_enabled --share
SQL
This control uses a named query:
cloudtrail_s3_object_write_events_audit_enabled