This rule ensures a log metric filter and alarm exist for changes to NACLs.
Rule | Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) |
Framework | cis_v140 |
Severity | ✔ Low |
Rule Description:
This rule ensures that a log metric filter and alarm exist for changes to Network Access Control Lists (NACLs) in the cis_v140 AWS Config ruleset. This helps to monitor and alert on any modifications made to NACL configurations, which helps identify potential security risks or unauthorized changes.
Troubleshooting Steps:
If there are any issues with the log metric filter and alarm for NACL changes, follow these troubleshooting steps:
Necessary Code:
There is no specific code required for this rule as it primarily relies on the configuration of AWS Config, CloudWatch Logs, and CloudWatch Alarms through the AWS Management Console or AWS CLI.
Remediation Steps:
If the log metric filter and alarm for NACL changes do not exist or need to be set up, follow these steps:
Once these steps have been completed, any changes made to NACL configurations will be monitored, and the configured alarm will be triggered based on the defined conditions.
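One way to audit this control offline is shown below. It is an added example, not part of the original page or of the cis_v140 ruleset. It assumes input dictionaries shaped like the `describe_metric_filters` and `describe_alarms` API responses; the event list is the one used in the CIS AWS Foundations audit pattern, and the filter, metric, alarm and SNS names are constructed sample values.

```python
import re

# EC2 API calls that change NACLs, as listed in the CIS AWS Foundations audit pattern.
NACL_EVENTS = {
    "CreateNetworkAcl", "CreateNetworkAclEntry", "DeleteNetworkAcl",
    "DeleteNetworkAclEntry", "ReplaceNetworkAclEntry", "ReplaceNetworkAclAssociation",
}

def cis_pattern():
    """Build the CloudWatch Logs filter pattern that matches every NACL change call."""
    return "{ " + " || ".join(f"($.eventName = {e})" for e in sorted(NACL_EVENTS)) + " }"

def events_in_pattern(pattern):
    """Extract eventName values tested for equality (a '!=' test is not matched)."""
    return set(re.findall(r'\$\.eventName\s*=\s*"?(\w+)', pattern))

def nacl_monitoring_gaps(metric_filters, alarms):
    """Return findings; an empty list means a covering filter and a live alarm exist."""
    # Filters that feed the same metric are pooled: the metric must count all six calls.
    events_by_metric = {}
    for f in metric_filters:
        for t in f.get("metricTransformations", []):
            key = (t["metricNamespace"], t["metricName"])
            events_by_metric.setdefault(key, set()).update(
                events_in_pattern(f.get("filterPattern", "")))
    covering = [k for k, ev in events_by_metric.items() if NACL_EVENTS <= ev]
    if not covering:
        best = max(events_by_metric.values(),
                   key=lambda ev: len(ev & NACL_EVENTS), default=set())
        return ["no metric counts all NACL changes; missing: "
                + ", ".join(sorted(NACL_EVENTS - best))]
    # An alarm only counts if it watches that metric and can actually notify someone.
    alarmed = {(a.get("Namespace"), a.get("MetricName")) for a in alarms
               if a.get("ActionsEnabled") and a.get("AlarmActions")}
    if not any(k in alarmed for k in covering):
        return [f"no alarm with an enabled action on {ns}/{name}" for ns, name in covering]
    return []

# Constructed sample data (hypothetical names and account ID).
SAMPLE_FILTERS = [{
    "filterName": "nacl-changes", "filterPattern": cis_pattern(),
    "metricTransformations": [{"metricName": "NaclChanges",
                               "metricNamespace": "CISBenchmark", "metricValue": "1"}],
}]
SAMPLE_ALARMS = [{
    "AlarmName": "nacl-changes-alarm", "MetricName": "NaclChanges",
    "Namespace": "CISBenchmark", "ActionsEnabled": True,
    "AlarmActions": ["arn:aws:sns:us-east-1:111122223333:security-alerts"],
}]
```

The check covers only the filter and alarm; whether the CloudTrail trail delivers management events to the log group and whether the SNS topic has a subscriber must be verified separately.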