CloudTrail
Caligo provides the following security rules for AWS CloudTrail:
CloudTrail trails’ S3 logging buckets should have access logging enabled
S3 buckets with CloudTrail logs should not be publicly accessible
CloudTrail trails should be delivered to CloudWatch
Each account should have CloudTrail enabled across all regions
CloudTrail trails should have log file validation enabled
S3 bucket object-level read events logging should be enabled in CloudTrail
S3 bucket object-level write events logging should be enabled in CloudTrail
CloudTrail trails should have at-rest encryption enabled