Devolutions.CIEM

0.3.28

Checks/Aws/Test-CloudtrailLogsS3BucketAccessLoggingEnabled.ps1

                                function Test-CloudtrailLogsS3BucketAccessLoggingEnabled {

    <#

    .SYNOPSIS

        CloudTrail trail destination S3 bucket has access logging enabled

    .DESCRIPTION

        CloudTrail trails deliver logs to an S3 bucket; this evaluates whether that bucket has **S3 server access logging** enabled to record requests against it.

        *If the destination bucket is outside the account or audit scope, a manual review is indicated.*

    .PARAMETER Check

        CIEMCheck object containing check metadata.

    #>

    [CmdletBinding()]

    [OutputType([PSCustomObject[]])]

    param(

        [Parameter(Mandatory)]

        [CIEMCheck]$Check

    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: cloudtrail_logs_s3_bucket_access_logging_enabled

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check cloudtrail_logs_s3_bucket_access_logging_enabled for reference.', 'N/A', 'cloudtrail Resources')

}