github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/s3/AVD-AWS-0089/Terraform.md (about) 1 2 Add a logging block to the resource to enable access logging 3 4 ```hcl 5 resource "aws_s3_bucket" "good_example" { 6 logging { 7 target_bucket = "target-bucket" 8 } 9 } 10 11 ``` 12 ```hcl 13 resource "aws_s3_bucket" "example" { 14 bucket = "yournamehere" 15 16 # ... other configuration ... 17 } 18 19 resource "aws_s3_bucket_logging" "example" { 20 bucket = aws_s3_bucket.example.id 21 target_bucket = aws_s3_bucket.log_bucket.id 22 target_prefix = "log/" 23 } 24 25 ``` 26 27 #### Remediation Links 28 - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket 29