⭐ Repository → 💼 CIS AWS v2.0.0 → 💼 4 Monitoring

💼 4.2 Ensure management console sign-in without MFA is monitored - Level 1 (Manual)

• ID: /frameworks/cis-aws-v2.0.0/04/02

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms.

It is recommended that a metric filter and alarm be established for console logins that are not protected by multi-factor authentication (MFA).

Similar

• Sections
  • /frameworks/cis-aws-v3.0.0/04/02
  • /frameworks/cis-aws-v1.5.0/04/02
• Internal
  • ID: dec-c-a6050eb8

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.5.0 → 💼 4.2 Ensure a log metric filter and alarm exist for Management Console sign-in without MFA - Level 1 (Automated)			1		no data
💼 CIS AWS v3.0.0 → 💼 4.2 Ensure management console sign-in without MFA is monitored - Level 1 (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.5.0 → 💼 4.2 Ensure a log metric filter and alarm exist for Management Console sign-in without MFA - Level 1 (Automated)			1		no data
💼 CIS AWS v3.0.0 → 💼 4.2 Ensure management console sign-in without MFA is monitored - Level 1 (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudTrail Management Console Sign-In without MFA Monitoring is not enabled🟢⚪		🟢 x2, ⚪ x1	no data