Logging and monitoring

Create a Metric Alarm and Filter for

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch and establishing corresponding metric filters and alarms. No such filter or alarm was detected for changes to S3 bucket policies. Monitoring changes to S3 bucket policies will make it easier to detect and rectify permissive policies.
  • Recommended Mitigation

    Set up a metric filter and alarm to watch and audit changes to S3 bucket policies.