💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual)
- ID:
/frameworks/cis-aws-v2.0.0/04/01
Description
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms.
It is recommended that a metric filter and alarm be established for unauthorized API calls.
Similar
- Sections
/frameworks/cis-aws-v3.0.0/04/01/frameworks/cis-aws-v1.5.0/04/01
- Internal
- ID:
dec-c-67bdb695
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v1.5.0 → 💼 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls - Level 1 (Automated) | 1 | no data | |||
| 💼 CIS AWS v3.0.0 → 💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual) | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v1.5.0 → 💼 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls - Level 1 (Automated) | 1 | no data | |||
| 💼 CIS AWS v3.0.0 → 💼 4.1 Ensure unauthorized API calls are monitored - Level 2 (Manual) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudTrail Unauthorized API Calls Monitoring is not enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data |