Mods

turbot/terraform_aws_compliance

GitHub
Overview
39Dashboards
153Controls
153Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: CloudTrail trail log file validation should be enabled

Description

Utilize AWS CloudTrail log file validation to check the integrity of CloudTrail logs. Log file validation helps determine if a log file was modified or deleted or unchanged after CloudTrail delivered it. This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection.

Usage

Run the control in your terminal:

steampipe check terraform_aws_compliance.control.cloudtrail_trail_validation_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share terraform_aws_compliance.control.cloudtrail_trail_validation_enabled

SQL

This control uses a named query:

cloudtrail_trail_validation_enabled

Tags

aws_foundational_security = true
category = Compliance
cis = true
gdpr = true
hipaa = true
nist_800_53_rev_4 = true
pci = true
plugin = terraform
service = AWS/CloudTrail
soc_2 = true