Search result for 'CloudTrail'
Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled.
This script evaluates AWS CloudTrail configurations to verify log file validation and prints the compliance results.

Tabulate the results of the AWS CloudTrail log file validation evaluation.
This script tabulates the results of AWS CloudTrail log file validation compliance evaluation.

Evaluate all AWS CloudTrail configurations to verify that log file validation is enabled; return NON_COMPLIANT if any trail does not have log file validation enabled. Tabulate the results.
This script evaluates AWS CloudTrail configurations to verify log file validation and tabulates the compliance results.

Evaluate all AWS CloudTrail configurations and verify SSE-KMS encryption
This script evaluates AWS CloudTrail configurations to verify if SSE-KMS encryption is enabled and tabulates the compliance results.

Tell the compliance status for AWS account, such as where there is no multi-region CloudTrail or where CloudTrail excludes management events (e.g., AWS KMS, Amazon RDS Data API) and flag them as NON_COMPLIANT.
Checks AWS CloudTrail compliance for multi-region and management events inclusion, flags non-compliance.

AWS Account Compliance Status Evaluation
This workflow involves assessing the compliance status of an AWS account by examining the configuration of CloudTrail. It specifically checks for the presence of multi-region CloudTrail and ensures that management events, such as those related to AWS KMS and Amazon RDS Data API, are not excluded. Any accounts that do not meet these criteria are flagged as NON_COMPLIANT. This process helps main...

AWS CloudTrail Log File Validation Compliance Check
The workflow involves evaluating all AWS CloudTrail configurations to ensure that log file validation is enabled. Each trail is assessed, and if any trail lacks log file validation, it is marked as NON_COMPLIANT. The results of this compliance check are then tabulated for further analysis and reporting. This process helps maintain the integrity and security of log files by ensuring that any un...

AWS CloudTrail Configuration and Encryption Verification
The workflow involves evaluating all AWS CloudTrail configurations to ensure they are set up correctly. A key focus is on verifying that server-side encryption with AWS Key Management Service (SSE-KMS) is enabled. This ensures that all logs are securely encrypted, enhancing the security and compliance of the AWS environment. The process helps in maintaining the integrity and confidentiality of...

Security Log Monitoring
• Use Case: Monitor security logs for suspicious activity, such as unauthorized access attempts.
• Automate log analysis using CloudWatch Logs, CloudTrail and AWS GuardDuty.
• Trigger incident response workflows, such as blocking IPs or revoking credentials, if suspicious activity is detected.

Verify Whether AWS CloudTrail is configured to use SSE AWS KMS
This task verifies if AWS CloudTrail is configured with Server-Side Encryption (SSE) using AWS Key Management Service (KMS) Customer Master Keys (CMKs). It ensures that each CloudTrail trail has a KmsKeyId defined, confirming encryption according to SOC2 standards. This process enhances security and meets regulatory requirements for encrypted AWS activity logging.

Automated Detection and Response to Suspicious Activity
• Use Case: Monitor AWS CloudTrail logs for suspicious activity and automatically trigger incident response workflows.
• DagKnows can integrate with AWS CloudTrail and GuardDuty and other tools if required to monitor logs for signs of security incidents
• The platform can automatically trigger incident response workflows, such as revoking compromised credentials or isolating affected ...

Check which AWS CloudTrail Trails have Log File Validation enabled: SOC2 Compliance
This task audits AWS CloudTrail Trails for SOC2 Compliance by checking Log File Validation across various regions. It evaluates each trail for enabled log file validation and the presence of a valid 'LatestDigestDeliveryTime'. Trails are marked as compliant or non-compliant based on these criteria, with specific reasons for non-compliance provided.

Check whether a Multi-Region AWS CloudTrail exists with the required configurations: SOC2 Guideline
This task verifies the existence and configuration of a Multi-Region AWS CloudTrail in compliance with SOC2 guidelines. It focuses on ensuring essential settings like logging, S3 and CloudWatch integrations, and global event coverage. This is crucial for upholding data security and integrity standards across an organization's AWS infrastructure.

Update AWS CloudTrail Trail with AWS KMS CMK
This task updates an AWS CloudTrail trail to use an AWS Key Management Service (KMS) Customer Master Key (CMK) for server-side encryption. It ensures that the trail's logs are encrypted with a specified KMS key, enhancing the security and confidentiality of audit log files. This update is vital for maintaining compliance and robust data protection standards in AWS.

AWS CloudTrail Log Validation Enabled Audit: SOC2 Compliance
This runbook ensures that CloudTrail, AWS's service for logging API activity, has log file validation enabled. This is crucial for SOC2 compliance, which demands secure and private handling of customer data. Enabling log file validation helps verify the integrity and authenticity of CloudTrail logs, demonstrating a commitment to robust information security practices.

Enable Log File Validation for AWS CloudTrail Trail
This task automates the enforcement and verification of log file validation for AWS CloudTrail trails. It checks if log file validation is enabled for a specified trail and activates it if necessary. Post-activation, it confirms the validation status, ensuring compliance with security best practices.

Multi-Region AWS CloudTrail Compliance Verification: SOC2 Compliance
This runbook is focused on ensuring that AWS CloudTrail configurations across multiple regions comply with SOC2 standards. It involves comprehensive checks on CloudTrail trail configurations, including logging status, S3 bucket integrations, and CloudWatch Logs, ensuring global event capture and multi-region setup. It's essential for maintaining SOC2 compliance, emphasizing data security and i...

End-to-End Encryption Setup for AWS CloudTrail: SOC2 Compliance
This runbook provides a detailed guide for verifying and/or setting up end-to-end encryption in AWS CloudTrail for SOC2 compliance. It covers configuring CloudTrail with AWS KMS Customer Master Keys (CMKs) for Server-Side Encryption (SSE), including steps for creating or selecting KMS CMKs and ensuring secure encryption of CloudTrail trails.

List all AWS CloudTrail Trails
This task involves enumerating and retrieving detailed information about every AWS CloudTrail trail that exists across all AWS regions within an AWS account. Each trail captures specific API activity and events, and having a comprehensive list helps in providing visibility into what actions are being logged, where the logs are stored, and how they are configured. This listing process is founda...

Filter out redundant global AWS CloudTrail Trails
This task aims to identify and filter out redundant global trails within AWS CloudTrail. A global trail is a trail that applies to all regions in an AWS account. Redundant global trails can capture duplicate events, leading to unnecessary data storage and processing costs. Our script carefully inspects all global trails in each AWS region and identifies redundancies, providing a clear report o...