Ensure Alibaba Cloud OSS bucket has access logging enabled

Error: Alibaba Cloud OSS bucket has access logging enabled

Bridgecrew Policy ID: BC_ALI_LOGGING_2
Checkov Check ID: CKV_ALI_12
Severity: LOW

Alibaba Cloud OSS bucket has access logging enabled

Description

Enabling access logging for an Alibaba Cloud OSS (Object Storage Service) bucket can help to improve the security and management of the bucket. Access logging records information about each request made to the bucket, including the request type, the source IP address, the object accessed, and the response status.

By enabling access logging, you can track and monitor access to the bucket, which can help to identify potential security issues or unauthorized access. Access logging can also be useful for auditing purposes, as it provides a record of all requests made to the bucket.

Fix - Buildtime

Terraform

resource "alicloud_oss_bucket" "pass" {
  bucket = "bucket-170309-logging"

  logging {
    target_bucket = alicloud_oss_bucket.bucket-target.id
    target_prefix = "log/"
  }
}
Footer