turbot/aws_compliance

GitHub
Loading controls...

Control: At least one enabled trail should be present in a region

Description

AWS CloudTrail can help in non-repudiation by recording AWS Management Console actions and API calls. You can identify the users and AWS accounts that called an AWS service, the source IP address where the calls generated, and the timings of the calls. Details of captured data are seen within AWS CloudTrail Record Contents.

Usage

Run the control in your terminal:

steampipe check aws_compliance.control.cloudtrail_trail_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_compliance.control.cloudtrail_trail_enabled

SQL

This control uses a named query:

cloudtrail_trail_enabled

Tags