CloudTrail bucket MFA delete is disabled

Logging and monitoring

CloudTrail bucket MFA delete is disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
essential_8_au_level_1
essential_8_au_level_2
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. We identified CloudTrail logging bucket MFA delete attribute is disabled.

Recommended Mitigation

In order to enhance the visibility of API calls in the account, CloudTrail logging for bucket MFA delete attribute should be enabled. more details can be found in <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete</a>

CloudTrail bucket MFA delete is disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS