Logging Policies
How to Use this Page
This page lists the AWS Logging Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, follow the link for more details about the policy and its fix options.
Ensure AWS CloudTrail is enabled in all regions
Policy ID: BC_AWS_LOGGING_1
Ensure AWS CloudTrail log validation is enabled in all regions
Policy ID: BC_AWS_LOGGING_2
Ensure the S3 bucket used to store CloudTrail logs does not have public access
Policy ID: BC_AWS_LOGGING_3
Ensure CloudTrail and CloudWatch logs are integrated
Policy ID: BC_AWS_LOGGING_4
Ensure AWS Config is enabled in all regions
Policy ID: BC_AWS_LOGGING_5
Ensure CloudTrail S3 bucket access logging is enabled
Policy ID: BC_AWS_LOGGING_6
Ensure AWS CloudTrail logs are encrypted using CMKs
Policy ID: BC_AWS_LOGGING_7
Ensure AWS CMK rotation is enabled
Policy ID: BC_AWS_LOGGING_8
Ensure AWS VPC Flow logs are enabled
Policy ID: BC_AWS_LOGGING_9
Ensure Amazon MQ Broker logging is enabled
Policy ID: BC_AWS_LOGGING_10
Ensure container insights are enabled on ECS cluster
Policy ID: BC_AWS_LOGGING_11
Ensure AWS Redshift database has audit logging enabled
Policy ID: BC_AWS_LOGGING_12
Ensure CloudWatch log groups specify retention days
Policy ID: BC_AWS_LOGGING_13
Ensure CloudTrail logging in All Regions is enabled
Policy ID: BC_AWS_LOGGING_14
Ensure API Gateway has X-Ray tracing enabled
Policy ID: BC_AWS_LOGGING_15
Ensure Global Accelerator has Flow logs enabled
Policy ID: BC_AWS_LOGGING_16
Ensure API Gateway has access logging enabled
Policy ID: BC_AWS_LOGGING_17
Ensure Amazon MSK cluster logging is enabled
Policy ID: BC_AWS_LOGGING_18
Ensure AWS DocumentDB logging is enabled
Policy ID: BC_AWS_LOGGING_19
Ensure AWS CloudFront distribution has access logging enabled
Policy ID: BC_AWS_LOGGING_20
Ensure CloudWatch logs are encrypted at rest using KMS CMKs
Policy ID: BC_AWS_LOGGING_21
Ensure AWS ELB (Classic) with access log is enabled
Policy ID: BC_AWS_LOGGING_22
Ensure the ELB has access logging enabled
Policy ID: BC_AWS_LOGGING_23
Ensure Neptune logging is enabled
Policy ID: BC_AWS_LOGGING_24
Ensure AWS CloudFormation stacks are sending event notifications to an SNS topic
Policy ID: BC_AWS_LOGGING_25
Ensure detailed monitoring for EC2 instances is enabled
Policy ID: BC_AWS_LOGGING_26
Ensure CloudTrail trail is integrated with CloudWatch logs
Policy ID: BC_AWS_LOGGING_27
Ensure enhanced monitoring for Amazon RDS instances is disabled
Policy ID: BC_AWS_LOGGING_28
Ensure API Gateway stages have logging level defined appropriately
Policy ID: BC_AWS_LOGGING_29
Updated over 2 years ago