💼 4 Monitoring

• Contextual name: 💼 4 Monitoring
• ID: /frameworks/cis-aws-v1.4.0/04
• Located in: 💼 CIS AWS v1.4.0

Description

This section contains recommendations for configuring AWS to assist with monitoring and responding to account activities.

Similar

• Internal
  • ID: dec-b-85ff45d0

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls			1
💼 4.2 Ensure a log metric filter and alarm exist for Management Console sign-in without MFA			1
💼 4.3 Ensure a log metric filter and alarm exist for usage of 'root' account			1
💼 4.4 Ensure a log metric filter and alarm exist for IAM policy changes			1
💼 4.5 Ensure a log metric filter and alarm exist for CloudTrail configuration changes			1
💼 4.6 Ensure a log metric filter and alarm exist for AWS Management Console authentication failures			1
💼 4.7 Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKs			1
💼 4.8 Ensure a log metric filter and alarm exist for S3 bucket policy changes			1
💼 4.9 Ensure a log metric filter and alarm exist for AWS Config configuration changes			1
💼 4.10 Ensure a log metric filter and alarm exist for security group changes			1
💼 4.11 Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL)			1
💼 4.12 Ensure a log metric filter and alarm exist for changes to network gateways			1
💼 4.13 Ensure a log metric filter and alarm exist for route table changes			1
💼 4.14 Ensure a log metric filter and alarm exist for VPC changes			1
💼 4.15 Ensure a log metric filter and alarm exists for AWS Organizations changes			1