💼 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)

ID: /frameworks/cis-aws-v2.0.0/03/02

Description

CloudTrail log file validation creates a digitally signed digest file containing a hash of each log that CloudTrail writes to S3. These digest files can be used to determine whether a log file was changed, deleted, or unchanged after CloudTrail delivered the log. It is recommended that file validation be enabled on all CloudTrails.

Similar

Sections
- /frameworks/cis-aws-v3.0.0/03/02
- /frameworks/cis-aws-v1.5.0/03/02
Internal
- ID: dec-c-e28fec3b

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.5.0 → 💼 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)		1	1		no data
💼 CIS AWS v3.0.0 → 💼 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)		1	1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.5.0 → 💼 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)		1	1		no data
💼 CIS AWS v3.0.0 → 💼 3.2 Ensure CloudTrail log file validation is enabled - Level 2 (Automated)		1	1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail Log File Validation is not enabled🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-b1e1a494	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​