cloudtrail_multi_region_trail_enabled

At least one multi-region AWS CloudTrail should be present in an account

cloudtrail_s3_data_events_enabled

All S3 buckets should log S3 data events in CloudTrail

cloudtrail_trail_enabled

At least one enabled trail should be present in a region

cloudtrail_trail_integrated_with_logs

CloudTrail trails should be integrated with CloudWatch logs

rds_db_instance_logging_enabled

Database logging should be enabled

redshift_cluster_encryption_logging_enabled

Redshift cluster audit logging and encryption should be enabled

s3_bucket_logging_enabled

S3 bucket logging should be enabled

Employ an audited override of automated access mechanisms under [Assignment: organization-defined conditions] by [Assignment: organization-defined roles].

nist_800_53_rev_5_ac_3_10

nist_800_53_rev_5_ac_3

Access Enforcement (AC-3)

AC-3(10) Audited Override Of Access Control Mechanisms

aws_compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Benchmark: AC-3(10) Audited Override Of Access Control Mechanisms

Description

Usage

Controls

Tags

Steampipe

Resources

Community