Control: 6.3 Ensure that 'Auditing' is set to 'On' for applicable database instances
Description
Enable SQL auditing on all RDS instances except SQL Server 2012/2016/2017 and MariaDB TX.
Remediation
From Console
- Log on to the RDS Console.
- In the upper-left corner, select the region of the target instance.
- Locate the target instance, and click the instance ID.
- In the left-side navigation pane, select SQL Explorer.
- Click Activate Now.
- Specify the SQL log storage duration (for how long you want to keep the SQL log), and click Activate.
Usage
Run the control in your terminal:
powerpipe control run alicloud_compliance.control.cis_v100_6_3
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run alicloud_compliance.control.cis_v100_6_3 --share
SQL
This control uses a named query:
select
  arn as resource,
  case
    when sql_collector_policy ->> 'SQLCollectorStatus' = 'Enable' then 'ok'
    else 'alarm'
  end as status,
  case
    when sql_collector_policy ->> 'SQLCollectorStatus' = 'Enable' then title || ' SQL audit enabled.'
    else title || ' SQL audit disabled.'
  end as reason,
  account_id as account_id,
  region as region
from
  alicloud_rds_instance;
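
The description exempts SQL Server 2012/2016/2017 and MariaDB TX, but the named query above evaluates every instance, so an exempt instance with auditing off is reported as alarm. The following added example (not the mod's own query) runs the same check over constructed sample rows in PostgreSQL and reports exempt engines as skip. The `engine` and `engine_version` column names and their value strings are assumptions.

```sql
-- Constructed sample rows standing in for alicloud_rds_instance (not real data).
-- Column names engine / engine_version and their values are assumptions.
with sample_rds_instance (title, engine, engine_version, sql_collector_policy) as (
  values
    ('mysql-prod', 'MySQL',      '8.0',         '{"SQLCollectorStatus": "Enable"}'::jsonb),
    ('pg-staging', 'PostgreSQL', '13.0',        '{"SQLCollectorStatus": "Disabled"}'::jsonb),
    ('mssql-2016', 'SQLServer',  '2016_std_ha', '{"SQLCollectorStatus": "Disabled"}'::jsonb),
    ('mssql-2019', 'SQLServer',  '2019_std_ha', '{"SQLCollectorStatus": "Disabled"}'::jsonb),
    ('maria-tx',   'MariaDB',    '10.3',        null::jsonb)
),
scoped as (
  select
    title,
    sql_collector_policy,
    -- Engines the control description excludes from the auditing requirement.
    (
      engine = 'MariaDB'
      or (engine = 'SQLServer' and engine_version ~ '^(2012|2016|2017)')
    ) as exempt
  from
    sample_rds_instance
)
select
  title as resource,
  case
    when exempt then 'skip'
    -- Same test as the named query; a null policy falls through to alarm.
    when sql_collector_policy ->> 'SQLCollectorStatus' = 'Enable' then 'ok'
    else 'alarm'
  end as status,
  case
    when exempt then title || ' engine is excluded from this control.'
    when sql_collector_policy ->> 'SQLCollectorStatus' = 'Enable' then title || ' SQL audit enabled.'
    else title || ' SQL audit disabled.'
  end as reason
from
  scoped
order by
  title;
```

With these rows, `maria-tx` and `mssql-2016` come back as skip, `mysql-prod` as ok, and `pg-staging` and `mssql-2019` as alarm.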