πΌ [DocumentDB.4] Amazon DocumentDB clusters should publish audit logs to CloudWatch Logs
-
Contextual name: πΌ [DocumentDB.4] Amazon DocumentDB clusters should publish audit logs to CloudWatch Logs
-
ID: /frameworks/aws-fsbp-v1.0.0/documentdb/04
-
Located in: πΌ DocumentDB
Descriptionβ
Amazon DocumentDB (with MongoDB compatibility) allows you to audit events that
were performed in your cluster. Examples of logged events include successful
and failed authentication attempts, dropping a collection in a database, or
creating an index. By default, auditing is disabled in Amazon DocumentDB and
requires that you take action to enable it.
Similarβ
- AWS Security Hub
- Internal
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-2(4) Account Management _ Automated Audit Actions | | 11 | 13 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-4(26) Information Flow Enforcement _ Audit Filtering Actions | | | 7 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-6(9) Least Privilege _ Log Use of Privileged Functions | | 15 | 16 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-2 Event Logging | 4 | | 6 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-3 Content of Audit Records | 3 | 13 | 20 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories | | | 6 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis | | | 6 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-10 Non-repudiation | 5 | | 5 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AU-12 Audit Record Generation | 4 | 45 | 47 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ CA-7 Continuous Monitoring | 6 | | 8 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic | | | 7 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands | | | 3 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-4(20) System Monitoring _ Privileged Users | | | 3 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events | | | 6 | |
| πΌ PCI DSS v4.0.1 β πΌ 10.3.3 Audit log files, including those for external-facing technologies, are promptly backed up to a secure, central, internal log server(s) or other media that is difficult to modify. | | | | |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|