More Info:

The Amazon S3 server access logging feature should be enabled to record access requests, which are useful for security audits. By default, server access logging is not enabled for S3 buckets.

Risk Level

Medium

Address

Security

Compliance Standards

HIPAA, NIST, SOC2, GDPR, ISO27001, HITRUST, CISAWS, CBP, NISTCSF, PCIDSS, FedRAMP

Triage and Remediation

Remediation

To remediate the misconfiguration “S3 Buckets Should Have Access Logging Enabled” using the AWS console, follow these steps:

  1. Log in to the AWS Management Console.
  2. Navigate to the S3 service.
  3. Select the S3 bucket for which you want to enable access logging.
  4. Click on the “Properties” tab.
  5. Scroll down to the “Server access logging” section and click on the “Edit” button.
  6. Select the “Enable logging” checkbox.
  7. Specify the target bucket where you want to store the access logs.
  8. Optionally, you can also specify a prefix for the log files.
  9. Click on the “Save changes” button to enable access logging for the S3 bucket.

Once you have completed these steps, access logging is enabled for the S3 bucket and its access logs are stored in the target bucket that you specified. The logs let you track the requests made to the S3 bucket and review them for unauthorized access attempts.
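The same remediation applied across every bucket in an account, as an added example that is not part of the original page: it finds buckets without server access logging and enables it through the boto3 S3 client calls `list_buckets`, `get_bucket_logging` and `put_bucket_logging`. The bucket names, the `s3-access/` prefix and the `FakeS3` stub are constructed for illustration, and the target bucket is assumed to already permit S3 log delivery.

```python
"""Audit S3 buckets for server access logging and enable it where missing."""

def logging_enabled(resp):
    # get_bucket_logging returns a "LoggingEnabled" key only when logging is on.
    return bool(resp.get("LoggingEnabled", {}).get("TargetBucket"))

def logging_status(target_bucket, source_bucket, prefix_root="s3-access/"):
    # A per-source prefix keeps each bucket's logs separable in the shared target.
    return {"LoggingEnabled": {"TargetBucket": target_bucket,
                               "TargetPrefix": f"{prefix_root}{source_bucket}/"}}

def remediate(s3, target_bucket, dry_run=True):
    """Return the buckets that lacked logging; enable it on them unless dry_run."""
    missing = []
    for bucket in s3.list_buckets()["Buckets"]:
        name = bucket["Name"]
        if name == target_bucket:
            continue  # logging the target into itself makes logs generate more logs
        if logging_enabled(s3.get_bucket_logging(Bucket=name)):
            continue
        if not dry_run:
            s3.put_bucket_logging(
                Bucket=name,
                BucketLoggingStatus=logging_status(target_bucket, name))
        missing.append(name)
    return missing

class FakeS3:
    """Constructed stand-in for boto3.client("s3") so the example runs offline."""
    def __init__(self, state):
        self.state = state  # {bucket name: get_bucket_logging-style response}
    def list_buckets(self):
        return {"Buckets": [{"Name": n} for n in self.state]}
    def get_bucket_logging(self, Bucket):
        return self.state[Bucket]
    def put_bucket_logging(self, Bucket, BucketLoggingStatus):
        self.state[Bucket] = BucketLoggingStatus

if __name__ == "__main__":
    # Constructed sample account; replace FakeS3(...) with boto3.client("s3")
    # and "audit-logs" with your own target bucket to run against AWS.
    s3 = FakeS3({
        "app-data": {},
        "audit-logs": {},
        "reports": {"LoggingEnabled": {"TargetBucket": "audit-logs",
                                       "TargetPrefix": "s3-access/reports/"}},
    })
    print("would enable logging on:", remediate(s3, "audit-logs", dry_run=True))
```

Run it with `dry_run=True` first to review the list of non-compliant buckets before any configuration is changed.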

Additional Reading: