Store waf logs in KMS encrypted S3

Have you heard of any experience or examples of KMS encryption when outputting Waf logs to S3? If so, please also tell us why you needed to encrypt them.

Topics

Security, Identity, & Compliance

Tags

AWS WAF AWS Key Management Service

Language

English

rePost-User-7292033

asked a year ago495 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Encryption of logs is best practice. WAF logs can be stored and S3 and this mechanism supports encryption using the Server Side Encryption with AWS Key Management Service (SSE-KMS): https://docs.aws.amazon.com/waf/latest/developerguide/logging-s3.html

Rajarshi_D

answered a year ago

Relevant content

Storing Application Load Balancer access logs in a KMS-encrypted S3 bucket
cmeinschein
asked 5 years ago
Update ControlTower CloudTrail S3 Bucket to Use Log file SSE-KMS encryption
TSquared
asked a year ago
Encryption of WAF logs and DNS query logs
rePost-User-7292033
asked a year ago
Use KMS grant to access to encrypted KMS - CMK S3 bucket
AWS-User-3522091
asked 2 years ago
Why can't I see Amazon EMR cluster logs in an S3 bucket that has an attached policy enforcing SSE-KMS encryption?
AWS OFFICIALUpdated 3 years ago
Do I need to specify the AWS KMS key when I download a KMS-encrypted object from Amazon S3?
AWS OFFICIALUpdated a year ago
How do I use AWS KMS to encrypt log data in CloudWatch Logs?
AWS OFFICIALUpdated 2 months ago
Should I use an AWS KMS managed key or a customer managed KMS key to encrypt my objects on Amazon S3?
AWS OFFICIALUpdated 2 years ago
How to use JWT tokens for authorization with AWS KMS in NodeJs Lambdas
EXPERT
Antonio_Lagrotteria
published a month ago
AWS Transfer Family supports self-signed TLS certificates and 3DES encryption for sending AS2 messages
EXPERT
AWS
published 14 days ago