S3 Bucket Logging
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | s3 |
| Provider | aws |
Description#
S3 buckets are missing access logging configuration, which means operations such as uploads, downloads, and deletions are not being logged. Without logging enabled, there is no audit trail for activity on the bucket.
Impact#
If exploited, unauthorized or malicious activities could occur undetected, making it difficult to investigate data breaches, track unauthorized access, or comply with auditing requirements. This lack of visibility can hinder incident response and forensic analysis.
Resolution#
Add a logging block to the resource to enable access logging