Skip to main content

πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)

  • Contextual name: πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)
  • ID: /frameworks/cis-aws-v2.0.0/03/02
  • Located in: πŸ’Ό 3 Logging

Description​

CloudTrail log file validation creates a digitally signed digest file containing a hash of each log that CloudTrail writes to S3. These digest files can be used to determine whether a log file was changed, deleted, or unchanged after CloudTrail delivered the log. It is recommended that file validation be enabled on all CloudTrails.

Similar​

  • Sections
    • /frameworks/cis-aws-v3.0.0/03/02
    • /frameworks/cis-aws-v1.5.0/03/02
  • Internal
    • ID: dec-c-e28fec3b

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS AWS v1.5.0 β†’ πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)11
πŸ’Ό CIS AWS v3.0.0 β†’ πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)11

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS AWS v1.5.0 β†’ πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)11
πŸ’Ό CIS AWS v3.0.0 β†’ πŸ’Ό 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)11

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS CloudTrail Log File Validation is not enabled 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-b1e1a4941