💼 [CodeBuild.3] CodeBuild S3 logs should be encrypted
- ID:
/frameworks/aws-fsbp-v1.0.0/codebuild/03
Description​
Encryption of data at rest is a recommended best practice to add a layer of access management around your data. Encrypting the logs at rest reduces the risk that a user not authenticated by AWS will access the data stored on disk. It adds another set of access controls to limit the ability of unauthorized users to access the data.
Similar​
- AWS Security Hub
- Internal
- ID:
dec-c-132e6374
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 25 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-3(6) Configuration Change Control _ Cryptography Management | 6 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection | 4 | 13 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28 Protection of Information at Rest | 3 | 16 | 25 | no data | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28(1) Protection of Information at Rest _ Cryptographic Protection | 10 | 14 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection | 12 | no data | |||
| 💼 PCI DSS v4.0 → 💼 10.3.2 Audit log files are protected to prevent modifications by individuals. | 2 | 4 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|