Ensure Neptune logging is enabled
Error: Neptune logging is not enabled
Bridgecrew PolicyID: BC_AWS_LOGGING_24
Checkov Check ID: CKV_AWS_101
Severity: HIGH
Description
These access logs can be used to analyze traffic patterns and troubleshoot security and operational issues.
Access logging is an optional feature of ELB that is disabled by default.
We recommend enabling access logging on your ELB.
Fix - Runtime
AWS Console
TBA
Fix - Buildtime
Terraform
- Resource: aws_elb
- Argument: access_logs
resource "aws_elb" "test" {
  name = "test-lb-tf"
  ...
+ access_logs {
+   bucket  = aws_s3_bucket.lb_logs.bucket
+   enabled = true
+ }
}
CloudFormation
- Resource: AWS::Neptune::DBCluster
- Argument: Properties.EnableCloudwatchLogsExports
  Type: "AWS::Neptune::DBCluster"
  Properties:
    ...
+   EnableCloudwatchLogsExports: ["audit"]
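The CloudFormation fix above can be verified before deployment. The following is an added example (not Bridgecrew's or Checkov's own code) that scans a template for AWS::Neptune::DBCluster resources whose EnableCloudwatchLogsExports does not include "audit"; the function name and the sample template are constructed for illustration, and the template is assumed to be in JSON form.

```python
import json

NEPTUNE_CLUSTER = "AWS::Neptune::DBCluster"
REQUIRED_LOG_TYPE = "audit"

# Constructed sample template (not from the original page).
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "GraphWithAudit": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {"EnableCloudwatchLogsExports": ["audit"]}
    },
    "GraphNoProperty": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {"StorageEncrypted": true}
    },
    "GraphEmptyList": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {"EnableCloudwatchLogsExports": []}
    },
    "GraphParamRef": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {"EnableCloudwatchLogsExports": {"Ref": "LogTypes"}}
    },
    "GraphNoProperties": {"Type": "AWS::Neptune::DBCluster"},
    "LogBucket": {"Type": "AWS::S3::Bucket"}
  }
}
""")


def clusters_missing_audit_logs(template):
    """Return sorted logical IDs of Neptune clusters that do not export audit logs."""
    failing = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if not isinstance(resource, dict) or resource.get("Type") != NEPTUNE_CLUSTER:
            continue  # only Neptune clusters are in scope for this check
        exports = (resource.get("Properties") or {}).get("EnableCloudwatchLogsExports")
        # Assumption: a value that is not a literal list (for example an
        # intrinsic function such as Ref) cannot be verified statically,
        # so it is reported as failing rather than silently passed.
        if not isinstance(exports, list) or REQUIRED_LOG_TYPE not in exports:
            failing.append(logical_id)
    return sorted(failing)


if __name__ == "__main__":
    for logical_id in clusters_missing_audit_logs(SAMPLE_TEMPLATE):
        print(f"FAILED {logical_id}: Neptune logging is not enabled")
```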
Updated 10 months ago