💼 [EKS.8] EKS clusters should have audit logging enabled

Contextual name: 💼 [EKS.8] EKS clusters should have audit logging enabled
ID: /frameworks/aws-fsbp-v1.0.0/eks/08
Located in: 💼 Elastic Kubernetes Service (EKS)

Description

EKS control plane logging provides audit and diagnostic logs directly from the EKS control plane to Amazon CloudWatch Logs in your account. You can select the log types you need, and logs are sent as log streams to a group for each EKS cluster in CloudWatch. Logging provides visibility into the access and performance of EKS clusters. By sending EKS control plane logs for your EKS clusters to CloudWatch Logs, you can record operations for audit and diagnostic purposes in a central location.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/eks-controls.html#eks-8
Internal
- ID: dec-c-7f96de66

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		13	16
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(12) Account Management _ Account Monitoring for Atypical Usage
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			9
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	19
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		17
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8
💼 NIST SP 800-53 Revision 5 → 💼 AU-9(7) Protection of Audit Information _ Store on Component with Different Operating System
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		7
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	65
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		10
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			11
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			5
💼 NIST SP 800-53 Revision 5 → 💼 SI-4 System Monitoring	25	1	8
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			5
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			8
💼 PCI DSS v4.0.1 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		24

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections