Bug fixes
- The
AWS > CIS v3.0 > 3 - Logging > 3.08 - Ensure that Object-level logging for write events is enabled for S3 bucket
control previously failed to evaluate correctly when there were more than oneFieldSelectors
present underAdvancedEventSelectors
. This issue is now fixed. - The
AWS > CIS v3.0 > 3 - Logging > 3.09 - Ensure that Object-level logging for read events is enabled for S3 bucket
control has been enhanced to evaluate bothEventSelectors
andAdvancedEventSelectors
when determining whether object-level logging is enabled. Previously, the control evaluated onlyEventSelectors
, which could result in false alarms when logging was configured usingAdvancedEventSelectors
.