turbot/aws_compliance

Benchmark: 3 Monitoring

Overview

For effectiveness and coverage of recommended metric-filters and alarms, recommendations in Section 3 should be implemented on Multi-region CloudTrail referred in Ensure CloudTrail is enabled in all regions Updated Overview should look like: This section contains recommendations for configuring AWS to assist with monitoring and responding to account activities. Metric filter-related recommendations in this section are dependent on the Ensure CloudTrail is enabled in all regions and Ensure CloudTrail trails are integrated with CloudWatch Logs recommendation in the "Logging" section. Additionally, step 3 of the remediation procedure for the same recommendations provides guidance for establishing an email-based subscription (-- protocol email). This is provided as an example and is not meant to suggest other protocols provide lesser value.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 3 Monitoring.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.cis_v120_3

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.cis_v120_3 --share

Controls

Tags