S3 Bucket does not have logging enabled.
Explanation
Buckets should have logging enabled so that access can be audited.
Insecure Example
The following example will fail the AWS002 check.
resource "aws_s3_bucket" "my-bucket" {
}
Secure Example
The following example will pass the AWS002 check.
resource "aws_s3_bucket" "my-bucket" {
logging {
target_bucket = "target-bucket"
}
}