Logging and monitoring

S3 Bucket Object-Level Logging for Write Events is Disabled

Platform(s)
Compliance Frameworks

AWS CIS, Brazilian General Data Protection (LGPD), CCM-CSA, CCPA, cis_8, CPRA, Data Security Posture Management (DSPM) Best Practices, GDPR, hdh, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, UK Cyber Essentials

Description

S3 object-level API operations such as GetObject, DeleteObject, and PutObject are called data events. By default, CloudTrail trails don't log data events and so it is recommended to enable Object-level logging for S3 buckets.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo