Control: AWS > NIST 800-53 > S3 > All S3 buckets should log S3 data events in CloudTrail

The collection of Simple Storage Service (Amazon S3) data events helps in detecting any anomalous activity. The details include AWS account information that accessed an Amazon S3 bucket, IP address, and time of event.

Resource Types

This control targets the following resource types:

AWS > S3 > Bucket

In Your Workspace

Controls by Resource report
Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailS3DataEventsEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailS3DataEventsEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailS3DataEventsEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailS3DataEventsEnabled"