Ensure Route 53 DNS service modifications are detected

Error: Route 53 DNS service modifications are not detected

Policy ID: BC_AWS_ALERT_2
Severity: INFO

Route 53 DNS service modifications are not detected

Description

CloudTrail captures API calls for all Route 53 events. This includes calls from the Route 53 console and calls to the Route 53 APIs. This check tracks the following console and API events:

  • ChangeResourceRecordSets
  • DeleteHostedZone
  • UpdateDomainContact

Using the information collected by CloudTrail, you can determine the requests that were made to Route 53: the IP address that the request was made from, who made the request, when it was made, and additional details.


Did this page help you?