aws_compliance

AWS Compliance

This control ensures if redshift clusters are logging audits to a specific bucket. The rule is no compliant if audit logging is not enabled for a redshift cluster or if the 'bucketNames' parameter is provided but the audit logging destination does not match.

redshift_cluster_audit_logging_enabled

pci_dss_v321_requirement_10_2

10.2 Through interviews of responsible personnel, observation of audit logs, and examination of audit log settings

pci_dss_v321_requirement_10_8_b

10.8.b Examine detection and alerting processes and interview personnel to verify that processes are implemented for all critical security controls

gxp_21_cfr_part_11_11_10_e

11.10(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records

soc_2_cc_7_3

CC7.3 The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, takes actions to prevent or address such failures

nist_csf_de_ae_1

DE.AE-1

nist_csf_de_ae_3

DE.AE-3

nist_csf_pr_ds_5

PR.DS-5

nist_csf_pr_ma_2

PR.MA-2

nist_csf_pr_pt_1

PR.PT-1

all_controls_redshift

Redshift

AWS Redshift audit logging should be enabled

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: AWS Redshift audit logging should be enabled

Description

Usage

SQL

Tags