⭐ Repository → 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 Transfer Family

💼 [Transfer.3] Transfer Family connectors should have logging enabled

• ID: /frameworks/aws-fsbp-v1.0.0/transfer-family/03

Description

Amazon CloudWatch is a monitoring and observability service that provides visibility into your AWS resources, including AWS Transfer Family resources. For Transfer Family, CloudWatch provides consolidated auditing and logging for workflow progress and results. This includes several metrics that Transfer Family defines for workflows. You can configure Transfer Family to automatically log connector events in CloudWatch. To do this, you specify a logging role for the connector. For the logging role, you create an IAM role and a resource-based IAM policy that defines the permissions for the role.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/transfer-controls.html#transfer-3

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		14	16		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(12) Account Management _ Account Monitoring for Atypical Usage					no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			9		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	19		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		17		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-9(7) Protection of Audit Information _ Store on Component with Different Operating System					no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		7		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	65		no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		10		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			14		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			5		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4 System Monitoring	25	1	8		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			5		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			8		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance