Checks if at least one AWS CloudTrail trail is logging Amazon Simple Storage Service (Amazon S3) data events for all S3 buckets. The rule is NON_COMPLIANT if there are trails or if no trails record S3 data events.
Identifier: CLOUDTRAIL_S3_DATAEVENTS_ENABLED
Trigger type: Periodic
AWS Region: All supported AWS regions except Asia Pacific (Taipei) Region
Parameters:
Comma-separated list of S3 bucket names for which data events logging should be enabled. Default behavior checks for all S3 buckets.
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
cloudtrail-s3-bucket-public-access-prohibited
cloudtrail-security-trail-enabled
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4