Video: Unencrypted S3 Buckets Containing CloudTrail Logs

January 21, 2021
by
Akash Ganapathi

This is one in a series of short, simple J1 queries that will help you interrogate your AWS environments. The JupiterOne platform used to run these queries is free.

In this J1 Query example, we'll check to see if AWS CloudTrail logging is happening in buckets that are unencrypted.

Cut-and-Paste Query

Here's the query you can use to cut-and-paste into your J1 instance. Watch JupiterOne technical expert, Akash Ganapathi, walk through the example query and then display the results in real time. If you find this useful, give us some contact info at the bottom of this page and we'll send you twice a month updates as we continue to explore various environments with JupiterOne. You'll also receive a personal invitation to a hands-on J1 Query Workshop in March.

FIND aws_s3_bucket WITH encrypted!=true
  THAT (LOGS|ALLOWS) aws_cloudtrail

 

 

Contribute your J1 Query to the Community

We will frequently be adding cut-and-paste J1 queries to our gallery. Join the community and every two weeks we'll send you a list of new queries. You can contribute your own queries for inclusion and examination in an upcoming article. Use the form below to join us.

Akash Ganapathi
Akash Ganapathi

Akash Ganapathi comes from an enterprise security, data privacy, and data analysis background, working exclusively in the B2B software solutions space throughout his career. He is currently a Principal Security Solutions Architect at JupiterOne.

More blog posts by
Akash Ganapathi

SUBSCRIBE TO OUR NEWSLETTER

Stay up-to-date on emerging threats and security news

  • Checkmark
    Day-zero vulnerabilities & solutions
  • Checkmark
    Best practices for asset management
  • Checkmark
    Streamlining compliance and audit
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Keep Reading

5 Cybersecurity risk assessments to secure digital assets | JupiterOne
March 20, 2025
Blog
5 Cybersecurity risk assessment frameworks to secure digital assets

Discover 5 essential cybersecurity risk assessment frameworks to protect your digital assets. Learn their benefits, key features, and how to choose the right one

Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights | JupiterOne
March 5, 2025
Blog
Redesigning the Widget Editor: A Faster, More Intuitive Way to Visualize Insights

The new Widget Editor delivers a more intuitive experience. Edit widgets in place, declutter your workspace, and get insights faster.

Streamlining Workflows with JupiterOne and Jira Cloud | JupiterOne
February 27, 2025
Blog
Streamlining Workflows with JupiterOne and Jira Cloud

Streamline security with JupiterOne and Jira. Automate issues, enhance collaboration, and track risks to boost efficiency and response times.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.

15 Mar 2022
Blog
One line headline, one line headline

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud eiut.