cloudtrail-security-trail-enabled
Checks that there is at least one Amazon CloudTrail trail defined with security best practices. This rule is COMPLIANT if there is at least one trail that meets all of the following:
- records global service events
- is a multi-region trail
- has log file validation enabled
- is encrypted with a KMS key
- records events for reads and writes
- records management events
- does not exclude any management events
This rule is NON_COMPLIANT if no trail meets all of the criteria listed above.
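As an added example (not AWS's own rule implementation), the following Python evaluator applies the seven criteria above to trail records shaped like the boto3 describe_trails and get_event_selectors responses. The sample trails and the KMS key ARN are constructed, and classic (not advanced) event selectors are assumed.

```python
"""Evaluate trails against the CLOUDTRAIL_SECURITY_TRAIL_ENABLED criteria.

Input shapes mirror boto3's describe_trails() entries and the classic
EventSelectors list from get_event_selectors(); all sample data is constructed.
"""

# Each check takes (trail, selectors) and returns True when the criterion is met.
CHECKS = {
    "records global service events": lambda t, s: t.get("IncludeGlobalServiceEvents", False),
    "is a multi-region trail": lambda t, s: t.get("IsMultiRegionTrail", False),
    "has log file validation enabled": lambda t, s: t.get("LogFileValidationEnabled", False),
    "is encrypted with a KMS key": lambda t, s: bool(t.get("KmsKeyId")),
    "records events for reads and writes": lambda t, s: any(
        sel.get("ReadWriteType") == "All" for sel in s),
    "records management events": lambda t, s: any(
        sel.get("IncludeManagementEvents", False) for sel in s),
    # Any non-empty ExcludeManagementEventSources on any selector fails this check.
    "does not exclude any management events": lambda t, s: all(
        not sel.get("ExcludeManagementEventSources") for sel in s),
}


def failing_criteria(trail, selectors):
    """Return the names of criteria this trail does not satisfy (empty list = all met)."""
    return [name for name, check in CHECKS.items() if not check(trail, selectors)]


def evaluate_account(trails):
    """Mirror the rule: COMPLIANT if at least one trail meets every criterion.

    `trails` is a list of (trail_dict, event_selector_list) pairs.
    Returns (verdict, {trail_name: failing_criteria}).
    """
    report = {t["Name"]: failing_criteria(t, s) for t, s in trails}
    verdict = "COMPLIANT" if any(not f for f in report.values()) else "NON_COMPLIANT"
    return verdict, report


# Constructed sample: one hardened trail and one regional trail with gaps.
SAMPLE_TRAILS = [
    ({"Name": "org-trail", "IncludeGlobalServiceEvents": True, "IsMultiRegionTrail": True,
      "LogFileValidationEnabled": True,
      "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
     [{"ReadWriteType": "All", "IncludeManagementEvents": True,
       "ExcludeManagementEventSources": []}]),
    ({"Name": "dev-trail", "IncludeGlobalServiceEvents": True, "IsMultiRegionTrail": False,
      "LogFileValidationEnabled": False},
     [{"ReadWriteType": "WriteOnly", "IncludeManagementEvents": True,
       "ExcludeManagementEventSources": ["kms.amazonaws.com"]}]),
]

if __name__ == "__main__":
    verdict, report = evaluate_account(SAMPLE_TRAILS)
    print(verdict)
    for name, failing in report.items():
        print(f"  {name}: {'ok' if not failing else ', '.join(failing)}")
```

Feeding real describe_trails and get_event_selectors output into evaluate_account shows which criterion a trail misses, which the Config console verdict alone does not.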
Identifier: CLOUDTRAIL_SECURITY_TRAIL_ENABLED
Trigger type: Periodic
Amazon Web Services Region: All supported Amazon regions
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.