Object Storage buckets should have write-level logging enabled

oci-object-storage
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Oracle Cloud Infrastructure (OCI) Object Storage buckets should have write-level logging enabled to track all write operations, modifications, and deletions. Write logs provide visibility into data changes, help detect unauthorized modifications, and support audit requirements for compliance frameworks. Without write-level logging, organizations lack the ability to investigate security incidents, track data lineage, or prove compliance with regulatory requirements.

Remediation

Enable write-level logging for your OCI Object Storage buckets by creating a log resource in the OCI Logging service with the following configuration:

  • Configure the log in the same compartment as the bucket
  • Set the service to objectstorage
  • Set the category to write
  • Specify the target bucket name as the resource
  • Ensure the log is in an ACTIVE lifecycle state

For detailed guidance on enabling Object Storage logging, refer to the Enabling Logging for a Resource section of the Oracle Cloud Infrastructure Documentation.