aws_compliance

AWS EKS clusters should have control plane audit logging enabled. These logs make it easy to secure and run clusters.

eks_cluster_control_plane_audit_logging_enabled

pci_dss_v40_requirement_10_2_1_1

10.2.1.1: Audit logs capture all individual user access to cardholder data

pci_dss_v40_requirement_10_2_1_2

10.2.1.2: Audit logs capture all actions taken by any individual with administrative access, including any interactive use of application or system accounts

pci_dss_v40_requirement_10_2_1_3

10.2.1.3: Audit logs capture all access to audit logs

pci_dss_v40_requirement_10_2_1_4

10.2.1.4: Audit logs capture all invalid logical access attempts

pci_dss_v40_requirement_10_2_1_5

10.2.1.5: Audit logs capture all changes to identification and authentication credentials including, but not limited

pci_dss_v40_requirement_10_2_1_6

10.2.1.6: Records of all changes to audit log activity status are captured

pci_dss_v40_requirement_10_2_1_7

10.2.1.7: Audit logs capture all creation and deletion of system-level objects

pci_dss_v40_requirement_10_2_2

10.2.2: Sufficient data to be able to identify successful and failed attempts and who, what, when, where, and how for each event listed in requirement 10.2.2 are captured

pci_dss_v40_requirement_10_3_1

10.3.1: Read access to audit logs files is limited to those with a job-related need

pci_dss_v40_requirement_10_6_3

10.6.3: Time synchronization settings and data are protected

pci_dss_v40_appendix_a1_2_1

A1.2.1: Audit log capability is enabled for each customer's environment that is consistent

acsc_essential_eight_ml_2_1_3

ACSC-EE-ML2-1.3: Application control ML2

acsc_essential_eight_ml_2_5_11

ACSC-EE-ML2-5.11: Restrict administrative privileges ML2

acsc_essential_eight_ml_2_5_12

ACSC-EE-ML2-5.12: Restrict administrative privileges ML2

acsc_essential_eight_ml_2_7_7

ACSC-EE-ML2-7.7: Multi-factor authentication ML2

all_controls_eks

EKS clusters should have control plane audit logging enabled

foundational_security_eks_8

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

Control: EKS clusters should have control plane audit logging enabled

Description

Usage

SQL

Tags