aws_compliance

AWS Compliance

This control checks whether OpenSearch service domains have audit logging enabled. The rule is non-compliant if an OpenSearch service domain does not have audit logging enabled.

opensearch_domain_audit_logging_enabled

pci_dss_v321_requirement_10_2

10.2 Through interviews of responsible personnel, observation of audit logs, and examination of audit log settings

pci_dss_v321_requirement_10_8_b

10.8.b Examine detection and alerting processes and interview personnel to verify that processes are implemented for all critical security controls

gxp_21_cfr_part_11_11_10_e

11.10(e) Use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions that create, modify, or delete electronic records

nydfs_23_500_02_b_3

500.02(b)(3)

nydfs_23_500_06_a

500.06(a)

nydfs_23_500_14_a

500.14(a)

acsc_essential_eight_ml_3_1_6

ACSC-EE-ML3-1.6: Application control ML3

acsc_essential_eight_ml_3_5_14

ACSC-EE-ML3-5.14: Restrict administrative privileges ML3

acsc_essential_eight_ml_3_5_15

ACSC-EE-ML3-5.15: Restrict administrative privileges ML3

acsc_essential_eight_ml_3_7_8

ACSC-EE-ML3-7.8: Multi-factor authentication ML3

soc_2_cc_7_3

CC7.3 The entity evaluates security events to determine whether they could or have resulted in a failure of the entity to meet its objectives (security incidents) and, if so, takes actions to prevent or address such failures

nist_csf_de_ae_1

DE.AE-1

nist_csf_de_ae_3

DE.AE-3

all_controls_opensearch

OpenSearch

nist_csf_pr_pt_1

PR.PT-1

OpenSearch domains should have audit logging enabled.

foundational_security_opensearch_5

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: OpenSearch domains should have audit logging enabled.

Description

Usage

SQL

Tags