aws_compliance

AWS Compliance

Ensure that AWS OpenSearch Service (OpenSearch Service) domains are configured to send logs to AWS CloudWatch Logs. The rule is compliant if a log is enabled for an OpenSearch Service domain. This rule is non-compliant if logging is not configured.

es_domain_logs_to_cloudwatch

pci_dss_v321_requirement_10_2

10.2 Through interviews of responsible personnel, observation of audit logs, and examination of audit log settings

pci_dss_v321_requirement_10_8_b

10.8.b Examine detection and alerting processes and interview personnel to verify that processes are implemented for all critical security controls

gxp_21_cfr_part_11_11_10_e

11.10(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records

hipaa_final_omnibus_security_rule_2013_164_308_a_3_ii_a

164.308(a)(3)(ii)(A) Authorization and/or supervision

hipaa_final_omnibus_security_rule_2013_164_312_b

164.312(b) Audit controls

nist_800_171_rev_2_3_1_12

3.1.12 Monitor and control remote access sessions

rbi_itf_nbfc_3_1_h

3.1.h Trails

nist_800_171_rev_2_3_14_7

3.14.7 Identify unauthorized use of organizational systems

nydfs_23_500_02_b_3

500.02(b)(3)

nydfs_23_500_06_a

500.06(a)

nydfs_23_500_14_a

500.14(a)

cis_controls_v8_ig1_8_2

8.2 Collect Audit Logs

fedramp_moderate_rev_4_ac_2_g

AC-2(g)

acsc_essential_eight_ml_3_1_6

ACSC-EE-ML3-1.6: Application control ML3

acsc_essential_eight_ml_3_5_14

ACSC-EE-ML3-5.14: Restrict administrative privileges ML3

acsc_essential_eight_ml_3_5_15

ACSC-EE-ML3-5.15: Restrict administrative privileges ML3

acsc_essential_eight_ml_3_7_8

ACSC-EE-ML3-7.8: Multi-factor authentication ML3

fedramp_low_rev_4_ac_2

Account Management (AC-2)

rbi_cyber_security_annex_i_7_4

Annex I (7.4)

soc_2_cc_7_3

CC7.3 The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, takes actions to prevent or address such failures

ffiec_d_2_ma_ma_b_1

D2.MA.Ma.B.1

ffiec_d_2_ma_ma_b_2

D2.MA.Ma.B.2

ffiec_d_3_dc_an_b_3

D3.DC.An.B.3

ffiec_d_3_dc_an_b_4

D3.DC.An.B.4

nist_csf_de_ae_1

DE.AE-1

nist_csf_de_ae_3

DE.AE-3

all_controls_es

Elasticsearch

nist_800_53_rev_5_au_10

Non-Repudiation (AU-10)

nist_csf_pr_pt_1

PR.PT-1

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_systems_3

Your Systems-3

Elasticsearch domain should send logs to CloudWatch

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: Elasticsearch domain should send logs to CloudWatch

Description

Usage

SQL

Tags