turbot/aws_compliance

Control: 11 S3 buckets should have event notifications enabled

Description

This control checks whether S3 Event Notifications are enabled on an Amazon S3 bucket. This control fails if S3 Event Notifications are not enabled on a bucket.

By enabling Event Notifications, you receive alerts on your Amazon S3 buckets when specific events occur. For example, you can be notified of object creation, object removal, and object restoration. These notifications can alert relevant teams to accidental or intentional modifications that may lead to unauthorized data access.

Remediation

For more information on detecting changes to S3 buckets and objects, see Amazon S3 Event Notifications in the Amazon S3 User Guide.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.foundational_security_s3_11

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.foundational_security_s3_11 --share

SQL

This control uses a named query:

s3_bucket_event_notifications_enabled
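As an added illustration, not the mod's own named query, a Steampipe query that applies the same check. It assumes the Steampipe aws_s3_bucket table exposes a bucket's notification settings in the event_notification_configuration JSON column, with the four target kinds (Lambda, SQS queue, SNS topic, EventBridge) as keys of that object:

```sql
-- Illustrative query (assumption: aws_s3_bucket table with an
-- event_notification_configuration jsonb column). Not the mod's code.
-- A bucket is 'ok' when at least one notification target is configured
-- and 'alarm' when none is, mirroring the control description above.
with bucket_targets as (
  select
    arn,
    name,
    region,
    account_id,
    coalesce(jsonb_array_length(event_notification_configuration -> 'LambdaFunctionConfigurations'), 0)
      + coalesce(jsonb_array_length(event_notification_configuration -> 'QueueConfigurations'), 0)
      + coalesce(jsonb_array_length(event_notification_configuration -> 'TopicConfigurations'), 0)
      -- EventBridge is a flag object rather than a list; count it as one target
      + case when event_notification_configuration -> 'EventBridgeConfiguration' is not null then 1 else 0 end
      as target_count
  from
    aws_s3_bucket
)
select
  arn as resource,
  case
    when target_count > 0 then 'ok'
    else 'alarm'
  end as status,
  case
    when target_count > 0 then name || ' has ' || target_count || ' event notification target(s) configured.'
    else name || ' has no event notifications configured.'
  end as reason,
  region,
  account_id
from
  bucket_targets;
```

Buckets reported as 'alarm' are the ones whose object-level changes would go unseen; adding a notification target to them is the remediation the control points at.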
