AWS Config Rule: CloudTrail S3 Data Events Enabled

CLOUDTRAIL_S3_DATAEVENTS_ENABLED

Fernando Honig

Last Update 8 months ago

Description: Checks whether at least one AWS CloudTrail trail is logging Amazon S3 data events for all S3 buckets. The rule is NON_COMPLIANT if no trail is configured to log data events for all S3 buckets; a trail that logs data events only for selected buckets does not satisfy it.


Trigger type: Periodic


AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Spain), Europe (Zurich) Region


How to Resolve Manually

To resolve this manually, you need to configure data events on at least one of your CloudTrail trails. When you open the details of a trail in the CloudTrail console, the overview shows whether data events are enabled. Click Edit, enable data events, and choose S3 as the data event source (this is the source the config rule checks for). To be compliant, the selector must cover all current and future S3 buckets, not a hand-picked list.


You can also choose whether to log Read events, Write events, or both, and whether the scope is all buckets or individual buckets. Keep the scope at all buckets: narrowing it to individual buckets leaves the rule NON_COMPLIANT. Note that S3 data events are billed separately from management events and can be high-volume, so plan for the CloudTrail and S3 log storage cost before enabling them account-wide.
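The same change can be made from the CLI with `aws cloudtrail put-event-selectors --trail-name <trail> --event-selectors '[{"ReadWriteType":"All","IncludeManagementEvents":true,"DataResources":[{"Type":"AWS::S3::Object","Values":["arn:aws:s3"]}]}]'`, and verified with `aws cloudtrail get-event-selectors --trail-name <trail>`. The script below is an added example, not StackZone's or AWS's own rule code: it applies the rule's logic offline to the JSON shape that `get-event-selectors` returns, for both classic and advanced event selectors, so you can check a set of trails before the periodic evaluation runs. The trail ARNs and bucket names are constructed sample data, and it assumes that both `arn:aws:s3` and `arn:aws:s3:::` denote "all buckets" and that any `resources.ARN` field selector narrows an advanced selector to specific buckets.

```python
"""Offline check mirroring CLOUDTRAIL_S3_DATAEVENTS_ENABLED.

Input: one dict per trail in the shape returned by
  aws cloudtrail get-event-selectors --trail-name <name>
Output: COMPLIANT if at least one trail logs S3 data events for all buckets.
"""
import json

S3_OBJECT = "AWS::S3::Object"
# Assumption: both prefixes mean "all current and future buckets".
ALL_BUCKETS_PREFIXES = {"arn:aws:s3", "arn:aws:s3:::"}


def classic_selector_covers_all_s3(selector):
    """Classic EventSelectors entry: DataResources with an all-buckets prefix."""
    for res in selector.get("DataResources", []):
        if res.get("Type") != S3_OBJECT:
            continue
        if any(v in ALL_BUCKETS_PREFIXES for v in res.get("Values", [])):
            return True
    return False


def advanced_selector_covers_all_s3(selector):
    """AdvancedEventSelectors entry: Data category, S3 object type, no ARN filter."""
    fields = {f["Field"]: f for f in selector.get("FieldSelectors", [])}
    if "Data" not in fields.get("eventCategory", {}).get("Equals", []):
        return False
    if S3_OBJECT not in fields.get("resources.type", {}).get("Equals", []):
        return False
    # Assumption (conservative): any resources.ARN selector, positive or
    # negative, restricts the scope below "all buckets".
    return "resources.ARN" not in fields


def trail_logs_all_s3_data_events(resp):
    """True if this trail's selectors cover S3 data events for all buckets.
    ReadWriteType / readOnly is deliberately ignored: the rule's description
    only requires that S3 data events for all buckets are logged."""
    if any(classic_selector_covers_all_s3(s) for s in resp.get("EventSelectors", [])):
        return True
    return any(advanced_selector_covers_all_s3(s)
               for s in resp.get("AdvancedEventSelectors", []))


def evaluate(trail_responses):
    """Rule verdict over all trails in the account/region."""
    ok = any(trail_logs_all_s3_data_events(r) for r in trail_responses)
    return "COMPLIANT" if ok else "NON_COMPLIANT"


# --- constructed sample responses (not real account data) ---------------
_ARN = "arn:aws:cloudtrail:us-east-1:111122223333:trail/"

MGMT_ONLY = {"TrailARN": _ARN + "mgmt-trail", "EventSelectors": [
    {"ReadWriteType": "All", "IncludeManagementEvents": True, "DataResources": []}]}

SINGLE_BUCKET = {"TrailARN": _ARN + "app-trail", "EventSelectors": [
    {"ReadWriteType": "All", "IncludeManagementEvents": True,
     "DataResources": [{"Type": S3_OBJECT, "Values": ["arn:aws:s3:::app-logs/"]}]}]}

ALL_BUCKETS = {"TrailARN": _ARN + "org-trail", "EventSelectors": [
    {"ReadWriteType": "All", "IncludeManagementEvents": True,
     "DataResources": [{"Type": S3_OBJECT, "Values": ["arn:aws:s3"]}]}]}

ADVANCED_ALL = {"TrailARN": _ARN + "adv-trail", "AdvancedEventSelectors": [
    {"Name": "All S3 objects", "FieldSelectors": [
        {"Field": "eventCategory", "Equals": ["Data"]},
        {"Field": "resources.type", "Equals": [S3_OBJECT]}]}]}

ADVANCED_ONE = {"TrailARN": _ARN + "adv-one", "AdvancedEventSelectors": [
    {"Name": "One bucket", "FieldSelectors": [
        {"Field": "eventCategory", "Equals": ["Data"]},
        {"Field": "resources.type", "Equals": [S3_OBJECT]},
        {"Field": "resources.ARN", "StartsWith": ["arn:aws:s3:::app-logs/"]}]}]}


if __name__ == "__main__":
    for trails in ([MGMT_ONLY, SINGLE_BUCKET, ADVANCED_ONE],
                   [MGMT_ONLY, ALL_BUCKETS],
                   [ADVANCED_ALL]):
        names = [t["TrailARN"].rsplit("/", 1)[1] for t in trails]
        print(json.dumps({"trails": names, "result": evaluate(trails)}))
```

To run it against a real account, replace the sample dicts with the output of `aws cloudtrail get-event-selectors` for each trail returned by `aws cloudtrail describe-trails`; the functions take the response dict unchanged.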

