turbot/aws_compliance

Query: route53_zone_query_logging_enabled

Usage

powerpipe query aws_compliance.query.route53_zone_query_logging_enabled

Steampipe Tables

SQL

select
id as resource,
case
when private_zone then 'skip'
when query_logging_configs is not null
or jsonb_array_length(query_logging_configs) > 0 then 'ok'
else 'alarm'
end as status,
case
when private_zone then title || ' is private hosted zone.'
when query_logging_configs is not null
or jsonb_array_length(query_logging_configs) > 0 then title || ' query logging to CloudWatch enabled.'
else title || ' query logging to CloudWatch disabled.'
end as reason,
region,
account_id
from
aws_route53_zone;

Controls

The query is being used by the following controls: