Control: CloudTrail trail log file validation should be enabled
Utilize AWS CloudTrail log file validation to check the integrity of CloudTrail logs. Log file validation helps determine if a log file was modified or deleted or unchanged after CloudTrail delivered it. This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection.
Run the control in your terminal:
steampipe check aws_compliance.control.cloudtrail_trail_validation_enabled
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.control.cloudtrail_trail_validation_enabled
This control uses a named query:cloudtrail_trail_validation_enabled