[Announcement] AWS CloudTrail for Amazon S3 adds new fields for enhanced security auditing


AWS CloudTrail for Amazon Simple Storage Service (S3) now captures additional request parameters and event data for your bucket-level and object-level operations for enhanced security auditing. The new fields added to AWS CloudTrail for Amazon S3 include: host, signature version, cipher suite, and authentication method.

AWS CloudTrail for Amazon S3 provides a record of actions taken by a user, role, or an AWS service against your Amazon S3 resources, including detailed API tracking for Amazon S3 bucket-level and object-level operations. By using AWS CloudTrail, you can determine the request that was made to Amazon S3, the IP address from which the request was made, who made the request, when it was made, and additional details.

With this enhancement, you can use the signature version field to identify whether requests made against your Amazon S3 resources are being authenticated using signature version 2 (SigV2) or signature version 4 (SigV4). This is especially important in the context of the previous post on the AWS Discussion Forums detailing the plan to end support for requests to Amazon S3 authenticated using SigV2 in all AWS regions on June 24, 2019.

Other new fields in AWS CloudTrail for Amazon S3 help as well: the cipher suite field can help you identify whether clients are using HTTPS, and the host field can help you identify whether clients are using a specific S3 endpoint, for example FIPS endpoints or dual stack endpoints.
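As an added example (not part of the original announcement and not AWS code), the following Python audit reads a CloudTrail log file, flags S3 requests signed with SigV2 or recorded without a cipher suite, and tallies endpoint types from the host field. The JSON key names (`additionalEventData.SignatureVersion`, `CipherSuite`, `AuthenticationMethod`, `requestParameters.Host`) are not spelled out in the announcement and are assumed here, as is treating a missing cipher suite as a non-HTTPS request; the sample records are constructed.

```python
import json
from collections import Counter

# Constructed sample in CloudTrail log-file shape; not real events.
def _rec(name, principal, host, **extra):
    return {"eventSource": "s3.amazonaws.com", "eventName": name,
            "sourceIPAddress": "198.51.100.7",
            "userIdentity": {"arn": "arn:aws:iam::111122223333:" + principal},
            "requestParameters": {"bucketName": "example-bucket", "Host": host},
            "additionalEventData": extra}

SAMPLE_LOG = json.dumps({"Records": [
    _rec("GetObject", "user/legacy-backup", "example-bucket.s3.amazonaws.com",
         SignatureVersion="SigV2", CipherSuite="ECDHE-RSA-AES128-SHA",
         AuthenticationMethod="QueryString"),
    _rec("PutObject", "role/app", "example-bucket.s3-fips.us-east-1.amazonaws.com",
         SignatureVersion="SigV4", CipherSuite="ECDHE-RSA-AES128-GCM-SHA256",
         AuthenticationMethod="AuthHeader"),
    _rec("ListObjects", "role/report", "example-bucket.s3.dualstack.us-west-2.amazonaws.com",
         SignatureVersion="SigV4", AuthenticationMethod="AuthHeader"),
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances"},
]})

def classify_endpoint(host, bucket=""):
    """Label the endpoint from the Host value, ignoring a virtual-hosted bucket prefix."""
    host = host.lower()
    if bucket and host.startswith(bucket.lower() + "."):
        host = host[len(bucket) + 1:]
    if not host:
        return "unknown"
    labels = host.split(".")
    if any(l.startswith("s3") and "fips" in l for l in labels):
        return "fips"
    return "dualstack" if "dualstack" in labels else "standard"

def audit_s3_events(log_text):
    """Return (findings, endpoint tally) for the S3 records in one log file."""
    findings, endpoints = [], Counter()
    for rec in json.loads(log_text).get("Records", []):
        if rec.get("eventSource") != "s3.amazonaws.com":
            continue  # other services do not carry these S3 fields
        params = rec.get("requestParameters") or {}
        extra = rec.get("additionalEventData") or {}
        endpoints[classify_endpoint(params.get("Host", ""), params.get("bucketName", ""))] += 1
        issues = ["sigv2"] if extra.get("SignatureVersion") == "SigV2" else []
        if not extra.get("CipherSuite"):  # assumption: absent means no TLS
            issues.append("no-tls")
        if issues:
            findings.append({"principal": (rec.get("userIdentity") or {}).get("arn"),
                             "event": rec.get("eventName"), "issues": issues})
    return findings, endpoints
```

Grouping the findings by principal gives the list of clients that still need a signing or transport change.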

To learn more about monitoring Amazon S3 API calls using AWS CloudTrail, please visit the S3 Developer Guide.
To learn more about AWS CloudTrail, including how to configure and enable it, see the AWS CloudTrail User Guide.

AWS CloudTrail for Amazon Simple Storage Service (S3) is available in all commercial AWS regions and AWS GovCloud (US) regions.

  • This is an announcement migrated from AWS Forums that does not require an answer

Asked 5 years ago · 533 views