This section contains recommendations for configuring CloudTrail resources and options.
steampipe check aws_compliance.benchmark.pci_v321_cloudtrail
- 1 CloudTrail logs should be encrypted at rest using AWS KMS CMKs
- 2 CloudTrail should be enabled
- 3 CloudTrail log file validation should be enabled
- 4 CloudTrail trails should be integrated with CloudWatch Logs