Skip to main content

💼 [S3.9] S3 general purpose buckets should have server access logging enabled

ID: /frameworks/aws-fsbp-v1.0.0/s3/09

Description

Server access logging provides detailed records of requests made to a bucket. Server access logs can assist in security and access audits.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-9
Internal
- ID: dec-c-10f83561

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		14	16		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			9		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	19		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		17		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		7		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	65		no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		13		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			14		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			6		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			5		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			8		no data
💼 PCI DSS v4.0.1 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		27		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (2)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail S3 Bucket Access Logging is not enabled.🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket Server Access Logging is not enabled🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-e0014333	2

Description
Similar
Similar Sections (Give Policies To)
Sub Sections
Policies (2)
Internal Rules