aws-cisv3-0 v5.0.5 - Controls 3.08 and 3.09 will now evaluate the outcome correctly

Jun 18, 2025
Mods

Bug fixes

  • The AWS > CIS v3.0 > 3 - Logging > 3.08 - Ensure that Object-level logging for write events is enabled for S3 bucket control previously failed to evaluate correctly when there were more than one FieldSelectors present under AdvancedEventSelectors. This issue is now fixed.
  • The AWS > CIS v3.0 > 3 - Logging > 3.09 - Ensure that Object-level logging for read events is enabled for S3 bucket control has been enhanced to evaluate both EventSelectors and AdvancedEventSelectors when determining whether object-level logging is enabled. Previously, the control evaluated only EventSelectors, which could result in false alarms when logging was configured using AdvancedEventSelectors.