Data protection

S3 Bucket Used to Store CloudTrail Logs is Publicly Accessible

Platform(s)
Compliance Frameworks
  • AWS CIS
    • ,
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCM-CSA
    • ,
  • CCPA
    • ,
  • cis_8
    • ,
  • CPRA
    • ,
  • CSA CCM
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • essential_8_au
    • ,
  • essential_8_au_level_2
    • ,
  • GDPR
    • ,
  • hdh
    • ,
  • HITRUST
    • ,
  • ISO 27701
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • New Zealand Information Security Manual
    • ,
  • NIST 800-171
    • ,
  • NIST 800-53
    • ,
  • Orca Best Practices
    • ,
  • PDPA
    • ,
  • UK Cyber Essentials

Description

CloudTrail logs a record of every API call made in your AWS account. These logs file are stored in an S3 bucket. It is recommended that the bucket policy or access control list (ACL) applied to the S3 bucket that CloudTrail logs to prevent public access to the CloudTrail logs.
Need help?

Get a free Security Risk Assessment. Start today

Demo the Orca Platform

In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Get a Demo