Ensure that your Amazon CloudTrail trail is configured to use the appropriated S3 bucket in order to meet regulatory compliance requirements within your organization. Prior to running this rule by the Cloud Conformity engine, the S3 bucket into which AWS CloudTrail delivers the trail files must be configured in the rule settings, on your Cloud Conformity account dashboard.
This rule can help you with the following compliance standards:
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
The delivery of CloudTrail data must be tightly controlled using the Amazon S3 bucket defined specifically as target bucket for trail data recorded in your AWS account.
Audit
To determine if your AWS CloudTrail trail uses the right S3 bucket as target bucket, perform the following actions:
Remediation / Resolution
To reconfigure your Amazon CloudTrail trail in order to use the designated S3 bucket, specified in the conformity rule settings, perform the following actions:
References
- AWS Documentation
- AWS CloudTrail
- AWS CloudTrail FAQs
- Updating a Trail
- Creating and Updating a Trail with the AWS Command Line Interface
- AWS Command Line Interface (CLI) Documentation
- cloudtrail
- describe-trails
- update-subscription
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

You are auditing:
CloudTrail S3 Bucket
Risk level: Medium