Create a Metric Alarm and Filter for S3 policy changes

Logging and monitoring

Create a Metric Alarm and Filter for S3 policy changes

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CSA CCM
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
NIST 800-53

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch and establishing corresponding metric filters and alarms. No such filter or alarm was detected for changes to S3 bucket policies. Monitoring changes to S3 bucket policies will make it easier to detect and rectify permissive policies.

Recommended Mitigation

Set up a metric filter and alarm to watch and audit changes to S3 bucket policies.

Create a Metric Alarm and Filter for S3 policy changes

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS