lacework-global-95
Ensure the S3 bucket has access logging enabled
Description
Access logging provides records of requests that are made to a bucket. Access log information is useful in security investigations and may be required for audit purposes. It is good practice to review bucket objects and enable server access logging as appropriate.
Remediation
Perform the following to enable server access logging:
Sign in to the AWS Management Console
Select Services
Select S3
Select an S3 bucket
Select Properties
Select Edit at Server access logging
Check Enable logging
Enter the name of the target bucket with optional prefix, format: s3://bucket/prefix
Click Save changes
Repeat steps 4-9 for each bucket that requires access logging enabled