The S3 bucket backing CloudTrail should be private
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | cloudtrail |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The S3 bucket that receives AWS CloudTrail log files allows public access: through a bucket ACL grant to the AllUsers or AuthenticatedUsers group, through a bucket policy that allows a wildcard principal, or because S3 Block Public Access is not enabled on the bucket. Anyone who can list or read the bucket can download the log files, which record every API call made in the account, including the calling identity, source IP address, the resources touched and the request parameters.
Impact
Public exposure of CloudTrail logs reveals account IDs, IAM user and role names, resource naming conventions, source IP ranges and day-to-day operational activity. An attacker can use this to map the environment, pick targets, and learn which actions are logged and therefore which ones to avoid, making later intrusions both easier to plan and harder to detect.
Resolution
Restrict public access to the bucket: enable all four S3 Block Public Access settings on it, remove any ACL grants to the AllUsers or AuthenticatedUsers groups, and make sure the bucket policy only allows the CloudTrail service principal (cloudtrail.amazonaws.com) the s3:GetBucketAcl and s3:PutObject permissions it needs on the log prefix. No Allow statement in the policy should use Principal "*".
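As an added example (not part of this rule page or any scanner's own code), the following Python function evaluates the three ways a CloudTrail log bucket can become public and returns a list of findings. It goes slightly beyond the text above by also showing what must not be flagged: the CloudTrail service-principal statements the bucket legitimately needs, and a Deny statement with Principal "*" that only enforces TLS. The inputs are dictionaries shaped like the boto3 responses of get_public_access_block, get_bucket_policy and get_bucket_acl; the bucket name example-cloudtrail-logs, the account ID 111122223333 and both policies are constructed sample data, so the block runs offline.

```python
import json

# Canonical URIs of the two S3 ACL groups whose grants make a bucket public.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
# The four Block Public Access settings; every one must be True.
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def principal_is_wildcard(principal) -> bool:
    """True for Principal "*" or {"AWS": "*"} (also inside a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in (aws if isinstance(aws, list) else [aws])
    return False


def find_public_exposure(public_access_block, bucket_policy_json, acl):
    """Return a list of findings; an empty list means the bucket is private.

    public_access_block: the PublicAccessBlockConfiguration dict, or {} when
    the bucket has none (boto3 raises NoSuchPublicAccessBlockConfiguration).
    bucket_policy_json: the policy document as a JSON string, or "" if absent.
    acl: the GetBucketAcl response dict.
    """
    findings = []

    # 1. Block Public Access: a missing or False flag is a finding.
    missing = [f for f in PAB_FLAGS if not public_access_block.get(f)]
    if missing:
        findings.append("Block Public Access incomplete: " + ", ".join(missing))

    # 2. ACL grants to the AllUsers / AuthenticatedUsers groups.
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in (ALL_USERS, AUTH_USERS):
            group = grantee["URI"].rsplit("/", 1)[-1]
            findings.append(f"ACL grants {grant.get('Permission')} to {group}")

    # 3. Allow statements with a wildcard principal. Deny statements are fine;
    #    a wildcard Allow under a Condition is flagged for manual review.
    policy = json.loads(bucket_policy_json) if bucket_policy_json else {}
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or not principal_is_wildcard(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if "Condition" in stmt:
            findings.append(f"Policy statement {sid} allows Principal * under a Condition; review it")
        else:
            findings.append(f"Policy statement {sid} allows Principal * with no Condition")
    return findings


# --- Constructed sample inputs (not real account data) ----------------------
BUCKET = "arn:aws:s3:::example-cloudtrail-logs"
OWNER = {"Grantee": {"Type": "CanonicalUser", "ID": "0" * 64}, "Permission": "FULL_CONTROL"}

# Weak configuration: no Block Public Access, public-read ACL, public-read policy.
WEAK_PAB = {f: False for f in PAB_FLAGS}
WEAK_ACL = {"Grants": [OWNER, {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}]}
WEAK_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": BUCKET + "/*"}]})

# Corrected configuration: only CloudTrail's service principal may write, plus a TLS-only Deny.
FIXED_PAB = {f: True for f in PAB_FLAGS}
FIXED_ACL = {"Grants": [OWNER]}
FIXED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "AWSCloudTrailAclCheck", "Effect": "Allow",
     "Principal": {"Service": "cloudtrail.amazonaws.com"},
     "Action": "s3:GetBucketAcl", "Resource": BUCKET},
    {"Sid": "AWSCloudTrailWrite", "Effect": "Allow",
     "Principal": {"Service": "cloudtrail.amazonaws.com"},
     "Action": "s3:PutObject", "Resource": BUCKET + "/AWSLogs/111122223333/*",
     "Condition": {"StringEquals": {"s3:x-amz-acl": "bucket-owner-full-control"}}},
    {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
     "Action": "s3:*", "Resource": [BUCKET, BUCKET + "/*"],
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]})

if __name__ == "__main__":
    for label, args in (("weak", (WEAK_PAB, WEAK_POLICY, WEAK_ACL)),
                        ("fixed", (FIXED_PAB, FIXED_POLICY, FIXED_ACL))):
        print(label, find_public_exposure(*args) or "no findings")
```

The weak sample produces three findings (one per mechanism); the corrected sample produces none, because the service-principal statements are not wildcards and the Deny statement is skipped. Feeding the function real responses from boto3 is a matter of calling the three S3 APIs named in the lead-in for the bucket referenced by the trail's S3BucketName.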