github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/s3/AVD-AWS-0172/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/s3/AVD-AWS-0172/Terraform.md (about)

     1  
     2  Enable Object-level logging for S3 buckets.
     3  
     4  ```hcl
     5  resource "aws_s3_bucket" "good_example" {
     6  	bucket = "my-bucket"
     7  }
     8  
     9  resource "aws_cloudtrail" "example" {
    10    event_selector {
    11      read_write_type           = "ReadOnly" # or "All"
    12      data_resource {
    13        type = "AWS::S3::Object"
    14        values = ["arn:aws:s3:::${aws_s3_bucket.good_example.bucket}/"]
    15      }
    16    }
    17  }
    18  
    19  
    20  ```
    21  
    22  #### Remediation Links
    23   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket#versioning
    24