turbot/aws_compliance

Control: Ensure that Object-level logging for write events is enabled for S3 bucket

Description

This control checks that object-level logging for write events is enabled for S3 buckets. Object-level logging of write events helps identify the requester who performed a write operation on the objects in an S3 bucket.
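What "object-level logging for write events" looks like in CloudTrail event selectors, as an added example (not the control's named query or the mod's code): it reports buckets for which no trail records S3 object write events. It assumes selector dictionaries in the shape returned by CloudTrail's GetEventSelectors API; the trails and bucket names are constructed.

```python
# Added example, not the control's named query. Selector dicts follow the
# CloudTrail GetEventSelectors response shape; all sample values are constructed.
S3_OBJECT = "AWS::S3::Object"
KNOWN_FIELDS = {"eventCategory", "resources.type", "readOnly", "resources.ARN"}

def _covers(arn_prefixes, bucket):
    # Values are ARN prefixes: the whole bucket is covered only when a prefix
    # ends at or before "arn:aws:s3:::<bucket>/" ("arn:aws:s3" = all buckets).
    return any(p and f"arn:aws:s3:::{bucket}/".startswith(p) for p in arn_prefixes)

def _basic_logs_writes(sel, bucket):
    return sel.get("ReadWriteType") in ("WriteOnly", "All") and any(
        r.get("Type") == S3_OBJECT and _covers(r.get("Values", []), bucket)
        for r in sel.get("DataResources", []))

def _advanced_logs_writes(sel, bucket):
    fields = {f["Field"]: f for f in sel.get("FieldSelectors", [])}
    equals = lambda name: fields.get(name, {}).get("Equals", [])
    if set(fields) - KNOWN_FIELDS:  # conservative: extra filters (e.g. eventName) narrow scope
        return False
    if equals("eventCategory") != ["Data"] or equals("resources.type") != [S3_OBJECT]:
        return False
    if "readOnly" in fields and "false" not in equals("readOnly"):
        return False  # selector is restricted to read events
    arn = fields.get("resources.ARN")  # no ARN filter means every bucket is in scope
    return arn is None or (set(arn) == {"Field", "StartsWith"} and _covers(arn["StartsWith"], bucket))

def buckets_without_write_logging(buckets, trails):
    """Return the buckets for which no trail records object-level write events."""
    def logged(bucket):
        return any(
            any(_basic_logs_writes(s, bucket) for s in t.get("EventSelectors", []))
            or any(_advanced_logs_writes(s, bucket) for s in t.get("AdvancedEventSelectors", []))
            for t in trails)
    return [b for b in buckets if not logged(b)]

TRAILS = [  # constructed: one trail with basic selectors, one with advanced selectors
    {"EventSelectors": [
        {"ReadWriteType": "ReadOnly", "DataResources": [{"Type": S3_OBJECT, "Values": ["arn:aws:s3"]}]},
        {"ReadWriteType": "WriteOnly", "DataResources": [{"Type": S3_OBJECT, "Values": [
            "arn:aws:s3:::example-logs/", "arn:aws:s3:::example-data/incoming/"]}]}]},
    {"AdvancedEventSelectors": [{"FieldSelectors": [
        {"Field": "eventCategory", "Equals": ["Data"]},
        {"Field": "resources.type", "Equals": [S3_OBJECT]},
        {"Field": "readOnly", "Equals": ["false"]},
        {"Field": "resources.ARN", "StartsWith": ["arn:aws:s3:::example-uploads/"]}]}]},
]
BUCKETS = ["example-logs", "example-data", "example-uploads", "example-public"]
print(buckets_without_write_logging(BUCKETS, TRAILS))
```

`example-data` is reported because its only write selector is scoped to the `incoming/` prefix, and the account-wide selector logs reads only.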

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.cloudtrail_s3_object_write_events_audit_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.cloudtrail_s3_object_write_events_audit_enabled --share

SQL

This control uses a named query:

cloudtrail_s3_object_write_events_audit_enabled
