💼 [CloudFront.5] CloudFront distributions should have logging enabled

• Contextual name: 💼 [CloudFront.5] CloudFront distributions should have logging enabled
• ID: /frameworks/aws-fsbp-v1.0.0/cloudfront/05
• Located in: 💼 CloudFront

Description

CloudFront access logs provide detailed information about every user request that CloudFront receives. Each log contains information such as the date and time the request was received, the IP address of the viewer that made the request, the source of the request, and the port number of the request from the viewer. These logs are useful for applications such as security and access audits and forensics investigation.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/cloudfront-controls.html#cloudfront-5
• Internal
  • ID: dec-c-3b43b170

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		14	16
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			9
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	19
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		17
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		7
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	65
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		10
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			14
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			5
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			5
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			8
💼 PCI DSS v4.0.1 → 💼 10.4.2 Logs of all other system components are reviewed periodically.	1		5

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS CloudFront Distribution Logging is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-a5c2acfe	1