Benchmark: Protection of Audit Information (AU-9)
The information system protects audit information and audit tools from unauthorized access, modification, and deletion.
steampipe check aws_compliance.benchmark.fedramp_low_rev_4_au_9
- CloudTrail trail logs should be encrypted with KMS CMK
- CloudTrail trail log file validation should be enabled
- Log group encryption at rest should be enabled
- S3 bucket cross-region replication should enabled
- S3 bucket versioning should be enabled