Control: Ensure CloudWatch Logs destination policy has no wildcards
Amazon CloudWatch Logs destination policy should avoid wildcard in 'principals' and 'actions'.
Run the control in your terminal:
steampipe check terraform_aws_compliance.control.cloudwatch_destination_policy_wildcards
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share terraform_aws_compliance.control.cloudwatch_destination_policy_wildcards
This control uses a named query:cloudwatch_destination_policy_wildcards