Data at risk

Alicloud OSS Bucket without Access Logging

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are stored in containers called buckets. It was detected that the OSS bucket {AlicloudOssBucket} does not have logging enabled. Logging generates a log that contains access records for each request made to your OSS bucket. By enabling OSS bucket logging on target OSS buckets, it is possible to capture all events which may affect objects within a target bucket.

  • Recommended Mitigation

    It is recommended to enable logging for buckets to track the access of objects in them. For more information on how to configure logging see: <a href="https://www.alibabacloud.com/help/doc-detail/31900.html" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/doc-detail/31900.html</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.