Skip to main content

💼 2.3 Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible

Contextual name: 💼 2.3 Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible
ID: /frameworks/cis-aws-v1.2.0/02/03
Located in: 💼 2 Logging

Description

CloudTrail logs a record of every API call made in your AWS account. These logs file are stored in an S3 bucket. It is recommended that the bucket policy or access control list (ACL) applied to the S3 bucket that CloudTrail logs to prevents public access to the CloudTrail logs.

Similar

Sections
- /frameworks/cis-aws-v1.3.0/03/03
Internal
- ID: dec-c-accfb3c5

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.3.0 → 💼 3.3 Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.3.0 → 💼 3.3 Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections