Skip to main content

💼 [EKS.8] EKS clusters should have audit logging enabled

  • ID: /frameworks/aws-fsbp-v1.0.0/eks/08

Description​

EKS control plane logging provides audit and diagnostic logs directly from the EKS control plane to Amazon CloudWatch Logs in your account. You can select the log types you need, and logs are sent as log streams to a group for each EKS cluster in CloudWatch. Logging provides visibility into the access and performance of EKS clusters. By sending EKS control plane logs for your EKS clusters to CloudWatch Logs, you can record operations for audit and diagnostic purposes in a central location.

Similar​

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions1416no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(12) Account Management _ Account Monitoring for Atypical Usage1no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions9no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions1719no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging417no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records31328no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories8no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis8no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-9(7) Protection of Audit Information _ Store on Component with Different Operating Systemno data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation57no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation44765no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring613no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic14no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands6no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4 System Monitoring25110no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users5no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events8no data
💼 PCI DSS v4.0.1 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.727no data

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance