Control: CloudFront distributions access logs should be enabled
Description
This control checks if AWS CloudFront distributions are configured to capture information from AWS Simple Storage Service (AWS S3) server access logs. This rule is non-compliant if a CloudFront distribution does not have logging configured.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.cloudfront_distribution_logging_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.cloudfront_distribution_logging_enabled --shareSQL
This control uses a named query:
cloudfront_distribution_logging_enabled