Ensure Alibaba Cloud Action Trail Logging for all events
Error: Alibaba Cloud Action Trail Logging is not enabled for all events
Bridgecrew Policy ID: BC_ALI_LOGGING_5
Checkov Check ID: CKV_ALI_5
Severity: MEDIUM
Description
Enabling Action Trail logging for all events lets you track and monitor all activity in your Alibaba Cloud account, including all API calls. This helps to identify potential security issues or unauthorized access, and is also useful for auditing purposes.
Fix - Buildtime
Terraform
resource "alicloud_actiontrail_trail" "pass" {
  trail_name         = "action-trail"
  oss_write_role_arn = "acs:ram::1182725xxxxxxxxxxx"
  oss_bucket_name    = "bucket_name"
  # Record both read and write events
  event_rw           = "All"
  # Collect events from all regions
  trail_region       = "All"
}
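The same condition can be gated in CI against the JSON form of a plan (`terraform show -json`). This is an added example, not Checkov's own implementation or code from the original page; the function name and the sample plan are constructed for illustration, and it assumes a trail with `event_rw` unset should fail.

```python
import json

# Constructed sample: a trimmed `terraform show -json` plan (not real output).
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "alicloud_actiontrail_trail.pass", "type": "alicloud_actiontrail_trail",
     "change": {"actions": ["create"], "after": {"trail_name": "action-trail", "event_rw": "All"}}},
    {"address": "alicloud_actiontrail_trail.write_only", "type": "alicloud_actiontrail_trail",
     "change": {"actions": ["create"], "after": {"trail_name": "writes", "event_rw": "Write"}}},
    {"address": "alicloud_actiontrail_trail.unset", "type": "alicloud_actiontrail_trail",
     "change": {"actions": ["update"], "after": {"trail_name": "default"}}},
    {"address": "alicloud_actiontrail_trail.old", "type": "alicloud_actiontrail_trail",
     "change": {"actions": ["delete"], "after": null}},
    {"address": "alicloud_oss_bucket.logs", "type": "alicloud_oss_bucket",
     "change": {"actions": ["create"], "after": {"bucket": "bucket_name"}}}
  ]
}
""")


def trails_missing_events(plan):
    """Return {address: event_rw} for every planned trail not logging all events."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "alicloud_actiontrail_trail":
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed; nothing to evaluate
            continue
        value = after.get("event_rw")
        # Assumption: anything other than the exact string "All" fails, unset included.
        if value != "All":
            findings[rc["address"]] = value
    return findings


if __name__ == "__main__":
    for address, value in trails_missing_events(SAMPLE_PLAN).items():
        print(f"FAIL {address}: event_rw={value!r}, expected 'All'")
```

A CI job can exit non-zero when the returned mapping is non-empty, which blocks the apply until every trail sets `event_rw = "All"`.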