AWS002 - S3 Bucket does not have logging enabled.

Explanation

Buckets should have logging enabled so that access can be audited.

Insecure Example

The following example will fail the AWS002 check.

resource "aws_s3_bucket" "bad_example" {

}

Secure Example

The following example will pass the AWS002 check.

resource "aws_s3_bucket" "good_example" {
	logging {
		target_bucket = "target-bucket"
	}
}