Closed rdegraaf-ncc3 closed 1 week ago
Cloud Profile 3.4.1 "Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket" contains the following as part of its investigation procedure using AWS Console:
Go to the Amazon CloudTrail console at https://console.aws.amazon.com/cloudtrail/home In the API activity history pane on the left, click Trails In the Trails pane, note the bucket names in the S3 bucket column Sign in to the AWS Management Console and open the S3 console at https://console.aws.amazon.com/s3. Under All Buckets click on a target S3 bucket Click on Properties in the top right of the console Under Bucket: _ <bucket_name> _ click on Logging Ensure Enabled is checked.
All Buckets
Properties
Bucket:
<bucket_name>
Logging
Enabled
These steps do not correspond to the current version of the AWS Console UI. They should be replaced with something along the lines of the following:
Go to the Amazon CloudTrail console at https://console.aws.amazon.com/cloudtrail/home. In the navigation pane on the left, click Trails. In the Trails pane, note the bucket names in the S3 bucket column. Go to the Amazon S3 console at https://console.aws.amazon.com/s3. For each bucket noted in step 3, click on a target S3 Bucket. Click on Properties. In the Server access logging section, verify that server access logging is Enabled
Server access logging
Cloud Profile 3.4.1 "Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket" contains the following as part of its investigation procedure using AWS Console:
These steps do not correspond to the current version of the AWS Console UI. They should be replaced with something along the lines of the following: