Loading controls...

Benchmark: AC-2(4) Automated Audit Actions

Description

The information system automatically audits account creation, modification, enabling, disabling, and removal actions, and notifies [Assignment: organization-defined personnel or roles].

Usage

Browse dashboards and select AC-2(4) Automated Audit Actions:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check aws_compliance.benchmark.fedramp_moderate_rev_4_ac_2_4

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_compliance.benchmark.fedramp_moderate_rev_4_ac_2_4

Controls

At least one multi-region AWS CloudTrail should be present in an account
All S3 buckets should log S3 data events in CloudTrail
At least one enabled trail should be present in a region
CloudTrail trails should be integrated with CloudWatch logs
CloudWatch alarm action should be enabled
GuardDuty should be enabled
Database logging should be enabled
Redshift cluster audit logging and encryption should be enabled
S3 bucket logging should be enabled
AWS Security Hub should be enabled for an AWS Account

turbot/aws_compliance

Benchmark: AC-2(4) Automated Audit Actions

Description

Usage

Controls

Tags

Steampipe

Resources

Community