github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/s3/AVD-AWS-0171/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/s3/AVD-AWS-0171/Terraform.md (about)

     1  
     2  Enable Object-level logging for S3 buckets.
     3  
     4  ```hcl
     5  resource "aws_s3_bucket" "good_example" {
     6  	bucket = "my-bucket"
     7  }
     8  
     9  resource "aws_cloudtrail" "example" {
    10    event_selector {
    11      read_write_type           = "WriteOnly" # or "All"
    12      data_resource {
    13        type = "AWS::S3::Object"
    14        values = ["arn:aws:s3:::${aws_s3_bucket.good_example.bucket}/"]
    15      }
    16    }
    17  }
    18  
    19  ```
    20  
    21  #### Remediation Links
    22   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning
    23