aws_compliance

AWS Compliance

To help protect sensitive data at rest, ensure encryption is enabled for your Amazon CloudWatch Log Group

log_group_encryption_at_rest_enabled

article_32

Article 32 Security of processing

cisa_cyber_essentials_your_data_1

Your Data-1

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_systems_3

Your Systems-3

fedramp_low_rev_4_au_9

Protection of Audit Information (AU-9)

fedramp_moderate_rev_4_au_9

fedramp_moderate_rev_4_sc_28

Protection of Information at Rest (SC-28)

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

gxp_eu_annex_11_operational_phase_7_1

7.1 Data Storage - Damage Protection

hipaa_164_308_a_1_ii_b

164.308(a)(1)(ii)(B) Risk Management

hipaa_164_308_a_4_ii_a

164.308(a)(4)(ii)(A) Isolating health care clearinghouse functions

hipaa_164_312_a_2_iv

164.312(a)(2)(iv) Encryption and decryption

hipaa_164_312_e_2_ii

164.312(e)(2)(ii) Encryption

nist_800_171_rev_2_3_13_11

3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI

nist_800_171_rev_2_3_13_16

3.13.16 Protect the confidentiality of CUI at rest

nist_800_171_rev_2_3_3_8

3.3.8 Protect audit information and audit logging tools from unauthorized access, modification, and deletion

nist_800_53_rev_4_au_9

nist_800_53_rev_4_sc_28

Protection Of Information At Rest (SC-28)

nist_800_53_rev_5_au_9_3

AU-9(3) Cryptographic Protection

nist_800_53_rev_5_cp_9_d

CP-9(d)

nist_800_53_rev_5_sc_13_a

SC-13(a)

nist_800_53_rev_5_sc_28_1

SC-28(1) Cryptographic Protection

nist_800_53_rev_5_sc_8_3

SC-8(3) Cryptographic Protection For Message Externals

nist_800_53_rev_5_sc_8_4

SC-8(4) Conceal Or Ramdomize Communications

nist_800_53_rev_5_si_19_4

SI-19(4) Removal, Masking, Encryption, Hashing, Or Replacement Of Direct Identifiers

nist_csf_pr_ds_1

PR.DS-1

rbi_cyber_security_annex_i_1_3

Annex I (1.3)

soc_2_cc_7_3

CC7.3 The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, takes actions to prevent or address such failures

Log group encryption at rest should be enabled

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Control: Log group encryption at rest should be enabled

Description

Usage

SQL

Tags

Steampipe

Resources

Community