cloudtrail_multi_region_trail_enabled

At least one multi-region AWS CloudTrail should be present in an account

cloudtrail_s3_data_events_enabled

All S3 buckets should log S3 data events in CloudTrail

cloudtrail_trail_enabled

At least one enabled trail should be present in a region

cloudtrail_trail_integrated_with_logs

CloudTrail trails should be integrated with CloudWatch logs

cloudwatch_alarm_action_enabled

CloudWatch alarm action should be enabled

guardduty_enabled

GuardDuty should be enabled

rds_db_instance_logging_enabled

Database logging should be enabled

redshift_cluster_encryption_logging_enabled

Redshift cluster audit logging and encryption should be enabled

s3_bucket_logging_enabled

S3 bucket logging should be enabled

securityhub_enabled

AWS Security Hub should be enabled for an AWS Account

The information system automatically audits account creation, modification, enabling, disabling, and removal actions, and notifies [Assignment: organization-defined personnel or roles].

fedramp_moderate_rev_4_ac_2_4

fedramp_moderate_rev_4_ac_2

Account Management (AC-2)

AC-2(4) Automated Audit Actions

aws_compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Benchmark: AC-2(4) Automated Audit Actions

Description

Usage

Controls

Tags

Steampipe

Resources

Community