Logging and monitoring

ActionTrail store logs to publicly accessible bucket

Risk Level

Informational (4)

Compliance Frameworks


ActionTrail is a web service that monitors and records actions performed on your cloud through cloud console, API calls, and SDK operations. The recorded events are stored at the configured Log Service Logstores and Object Storage Service buckets (if configured). It was detected that the ActionTrail {AliCloudActionTrail} store the logs to the bucket {AliCloudActionTrail.OssBucket} which is publicly accessible.
  • Recommended Mitigation

    It is recommended that the trail logs will be stored in a private OSS bucket.