Video: Unencrypted S3 Buckets Containing CloudTrail Logs

By

This is one in a series of short, simple J1 queries that will help you interrogate your AWS environments. The JupiterOne platform used to run these queries is free.

In this J1 Query example, we'll check to see if AWS CloudTrail logging is happening in buckets that are unencrypted.

Cut-and-Paste Query

Here's the query you can use to cut-and-paste into your J1 instance. Watch JupiterOne technical expert, Akash Ganapathi, walk through the example query and then display the results in real time. If you find this useful, give us some contact info at the bottom of this page and we'll send you twice a month updates as we continue to explore various environments with JupiterOne. You'll also receive a personal invitation to a hands-on J1 Query Workshop in March.

FIND aws_s3_bucket WITH encrypted!=true
  THAT (LOGS|ALLOWS) aws_cloudtrail

 

 

Contribute your J1 Query to the Community

We will frequently be adding cut-and-paste J1 queries to our gallery. Join the community and every two weeks we'll send you a list of new queries. You can contribute your own queries for inclusion and examination in an upcoming article. Use the form below to join us.

Akash Ganapathi
Akash Ganapathi

Akash Ganapathi comes from an enterprise security, data privacy, and data analysis background, working exclusively in the B2B software solutions space throughout his career. He is currently a Principal Security Solutions Architect at JupiterOne.

To hear more from Akash, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

Keep Reading

Shopping for DSPM tools - What to know and where JupiterOne fits in
May 30, 2023
Blog
Shopping for DSPM tools - What to know and where JupiterOne fits in

When are Data Security Posture Management tools useful and how can JupiterOne be used for basic DSPM functions?

2023 SCAR expands on context and depth of analysis over inaugural report
May 19, 2023
Blog
2023 SCAR expands on context and depth of analysis over inaugural report

The 2023 SCAR report builds in some important contextual analysis of the findings, including company size breakdowns and CSP adoption details.

Why IT teams should be using JupiterOne, Part 3
May 16, 2023
Blog
Why IT teams should be using JupiterOne, Part 3

JupiterOne can assist many functions within your IT department, including one very visible and important team: Help Desk Support.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.