💼 [DocumentDB.4] Amazon DocumentDB clusters should publish audit logs to CloudWatch Logs
- ID:
/frameworks/aws-fsbp-v1.0.0/documentdb/04
Stats
not available
Description
Amazon DocumentDB (with MongoDB compatibility) allows you to audit events that
were performed in your cluster. Examples of logged events include successful
and failed authentication attempts, dropping a collection in a database, or
creating an index. By default, auditing is disabled in Amazon DocumentDB and
requires that you take action to enable it.
Similar
- AWS Security Hub
- Internal
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions | | 15 | 23 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions | | | 18 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions | | 17 | 25 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging | 4 | | 27 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records | 3 | 15 | 39 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories | | | 17 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis | | | 17 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation | 5 | | 16 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation | 4 | 48 | 74 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring | 6 | | 28 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic | | | 35 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands | | | 13 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users | | | 12 | | no data |
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events | | | 17 | | no data |
| 💼 PCI DSS v4.0.1 → 💼 10.3.3 Audit log files, including those for external-facing technologies, are promptly backed up to a secure, central, internal log server(s) or other media that is difficult to modify. | | | 3 | | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)