Organization-level CloudTrail configuration supported for object-level logging for S3 buckets Rules
As announced on 09 May 2023, a change has been released for the listed Rules that check if object-level logging is enabled for S3 buckets.
This Rule will now detect when S3 data event logging is enabled on CloudTrail trails configured in member accounts as well as when configured on Organization-level CloudTrail trails.
|Bundle Name||Rule Name|
|Organization Bundle/catalog||Ensure that Object-level logging for write events is enabled for S3 bucket|
Ensure that Object-level logging for read events is enabled for S3 bucket
|CIS Benchmark v1.3.0, v1.4.0 & v1.5.0||CIS 3.10 - Ensure that Object-level logging for write events is enabled for S3 bucket|
CIS 3.11 - Ensure that Object-level logging for read events is enabled for S3 bucket
By default, Stax does not configure S3 object-level logging for Stax-managed accounts. An S3 bucket with a high workload could quickly generate thousands of logs in a short amount of time, resulting in increased AWS costs. Find out more about Enabling CloudTrail event logging for S3 buckets and objects.