Monitoring Policies

How to Use this Page

This page lists the AWS Monitoring Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, press the link for more details about a policy and its fix options.

Ensure a log metric filter and alarm exist for unauthorized API calls
Policy ID: BC_AWS_MONITORING_1

Ensure a log metric filter and alarm exist for management console sign-in without MFA
Policy ID: BC_AWS_MONITORING_2

Ensure a log metric filter and alarm exist for root account use
Policy ID: BC_AWS_MONITORING_3

Ensure a log metric filter and alarm exist for IAM policy changes
Policy ID: BC_AWS_MONITORING_4

Ensure a log metric filter and alarm exist for CloudTrail configuration changes
Policy ID: BC_AWS_MONITORING_5

Ensure a log metric filter and alarm exist for AWS Management console authentication failures
Policy ID: BC_AWS_MONITORING_6

Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created CMKs
Policy ID: BC_AWS_MONITORING_7

Ensure a log metric filter and alarm exist for S3 bucket policy changes
Policy ID: BC_AWS_MONITORING_8

Ensure a log metric filter and alarm exist for AWS Config configuration changes
Policy ID: BC_AWS_MONITORING_9

Ensure a log metric filter and alarm exist for Security Group changes
Policy ID: BC_AWS_MONITORING_10

Ensure a log metric filter and alarm exist for changes to NACLs
Policy ID: BC_AWS_MONITORING_11

Ensure a log metric filter and alarm exist for changes to network gateways
Policy ID: BC_AWS_MONITORING_12

Ensure a Log Metric Filter and Alarm Exist for Route Table Changes
Policy ID: BC_AWS_MONITORING_13

Ensure a log metric filter and alarm exist for VPC changes
Policy ID: BC_AWS_MONITORING_14