🚀Launch Week 07, January 27th - 31st, 2025🚀
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-alicloud-compliance
Overview
1Dashboards
78Benchmarks
40Queries
2Variables
GitHub

Control: 6.4 Ensure that 'Auditing' Retention is 'greater than 6 months'

Description

Database SQL Audit Retention should be configured to be greater than 90 days.

Remediation

From Console

  1. Logon to RDS Console.
  2. In the upper-left corner, select the region of the target instance.
  3. Locate the target instance, and click the instance ID.
  4. In the left-side navigation pane, select SQL Explore.
  5. Click Service Setting button on the top right corner.
  6. In the service setting page, enable Activate SQL Explore, set the storage duration as ‘6 months’ or longer.

Usage

Run the control in your terminal:

powerpipe control run alicloud_compliance.control.cis_v100_6_4

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run alicloud_compliance.control.cis_v100_6_4 --share

SQL

This control uses a named query:

select
  arn as resource,
  case
    when sql_collector_retention > 180 then 'ok'
    else 'alarm'
  end as status,
  title || ' SQL audit enabled with retention period ' || sql_collector_retention || ' days.'
  as reason
  
  , account_id as account_id, region as region
from
  alicloud_rds_instance;

Tags

category = Compliance
cis = true
cis_item_id = 6.4
cis_level = 1
cis_section_id = 6
cis_type = automated
cis_version = v1.0.0
plugin = alicloud
service = AliCloud/RDS