Object Storage buckets should have write-level logging enabled

oci-object-storage
Esta página aún no está disponible en español. Estamos trabajando en su traducción.
Si tienes alguna pregunta o comentario sobre nuestro actual proyecto de traducción, no dudes en ponerte en contacto con nosotros.

Description

Oracle Cloud Infrastructure (OCI) Object Storage buckets should have write-level logging enabled to track all write operations, modifications, and deletions. Write logs provide visibility into data changes, help detect unauthorized modifications, and support audit requirements for compliance frameworks. Without write-level logging, organizations lack the ability to investigate security incidents, track data lineage, or prove compliance with regulatory requirements.

Remediation

Enable write-level logging for your OCI Object Storage buckets by creating a log resource in the OCI Logging service with the following configuration:

  • Configure the log in the same compartment as the bucket
  • Set the service to objectstorage
  • Set the category to write
  • Specify the target bucket name as the resource
  • Ensure the log is in an ACTIVE lifecycle state

For detailed guidance on enabling Object Storage logging, refer to the Enabling Logging for a Resource section of the Oracle Cloud Infrastructure Documentation.