remediating cloudtrail-s3-dataevents-enabled

Its an aws config managed rule, but I don't see a clear remediation process. is the only way to set up data events in cloudtrail via the console? I don't see any means in boto or the cli.

主题

存储管理与治理

标签

亚马逊简单存储服务 (S3)AWS Config AWS CloudTrail

语言

English

Jay Benner

已提问 3 个月前333 查看次数

1 回答

最新
投票最多
评论最多

已接受的回答

Hello.

Check "Data events" when creating a trail with CloudTrail.
With these settings, S3 data events will be recorded in the trail.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-create-a-trail-using-the-console-first-time.html

For AWS CLI, I think the following documentation will be helpful.
Set a data event in the trail using the command "put-event-selector".
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-additional-cli-commands.html#configuring-event-selector-examples
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cloudtrail/put-event-selectors.html

专家

Riku_Kobayashi

已回答 3 个月前

专家

Oleksii Bebych

已审核 2 个月前

Riku_Kobayashi 专家

3 个月前

For your reference, here is the command to enable S3 data events.

aws cloudtrail put-event-selectors --trail-name "test-trail" --event-selectors '[{"IncludeManagementEvents": true,"DataResources": [{"Values": ["arn:aws:s3:::"],"Type": "AWS::S3::Object" }], "ReadWriteType": "All"}]'

Jay Benner
3 个月前
This is what I needed. For the next person looking: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cloudtrail/client/put_event_selectors.html

remediating cloudtrail-s3-dataevents-enabled

相关内容