TF 0326 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
S3 Bucket Logging
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | s3 |
| Provider | aws |
Description
S3 buckets are missing access logging configuration, which means operations such as uploads, downloads, and deletions are not being logged. Without logging enabled, there is no audit trail for activity on the bucket.
Impact
Without access logs, unauthorized or malicious activity on the bucket could occur undetected, making it difficult to investigate data breaches, track unauthorized access, or comply with auditing requirements. This lack of visibility can hinder incident response and forensic analysis.
Resolution
Add a `logging` block to the resource to enable access logging.
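The fix as an added example, not taken from this rule's own documentation. It assumes Terraform with the AWS provider; every resource name, bucket name and prefix is a constructed placeholder. The standalone `aws_s3_bucket_logging` resource at the end is the form AWS provider v4 and later use in place of the inline block.

```hcl
# Constructed example: every name below is a placeholder.

# Flagged: no logging configuration, so requests leave no access log.
resource "aws_s3_bucket" "unlogged" {
  bucket = "example-data-unlogged"
}

# Destination bucket for the access logs.
resource "aws_s3_bucket" "access_logs" {
  bucket = "example-access-logs"
}

# Let the S3 log delivery service write under the log prefix.
data "aws_iam_policy_document" "log_delivery" {
  statement {
    actions   = ["s3:PutObject"]
    resources = ["${aws_s3_bucket.access_logs.arn}/s3-access/*"]
    principals {
      type        = "Service"
      identifiers = ["logging.s3.amazonaws.com"]
    }
  }
}

resource "aws_s3_bucket_policy" "access_logs" {
  bucket = aws_s3_bucket.access_logs.id
  policy = data.aws_iam_policy_document.log_delivery.json
}

# Fixed: inline logging block on the bucket resource.
resource "aws_s3_bucket" "logged_inline" {
  bucket = "example-data-inline"

  logging {
    target_bucket = aws_s3_bucket.access_logs.id
    target_prefix = "s3-access/inline/"
  }
}

# Fixed, AWS provider v4+: logging as a standalone resource.
resource "aws_s3_bucket" "logged_standalone" {
  bucket = "example-data-standalone"
}

resource "aws_s3_bucket_logging" "logged_standalone" {
  bucket        = aws_s3_bucket.logged_standalone.id
  target_bucket = aws_s3_bucket.access_logs.id
  target_prefix = "s3-access/standalone/"
}
```

Giving each source bucket its own `target_prefix` keeps the logs separable during an investigation.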