More Info:

AWS S3 Server Access Logging feature should be enabled in order to record access requests useful for security audits. By default, server access logging is not enabled for S3 buckets.

Risk Level

Medium

Address

Security

Compliance Standards

HIPAA, NIST, SOC2, GDPR, ISO27001, HITRUST, CISAWS, CBP, NISTCSF, PCIDSS, FedRAMP

Triage and Remediation

Remediation

Using Console

Additional Reading: