This rule ensures the presence of a log metric filter and alarm for CloudTrail configuration changes.
Rule | Ensure a log metric filter and alarm exist for CloudTrail configuration changes |
Framework | General Data Protection Regulation (GDPR) |
Severity | ✔ Low |
Rule/Policy: Ensure a log metric filter and alarm exist for CloudTrail configuration changes for General Data Protection Regulation (GDPR)
Description:
This rule ensures that a log metric filter and alarm are in place to monitor any changes made to the CloudTrail configuration related to the General Data Protection Regulation (GDPR). The GDPR is a regulation in the European Union (EU) intended to protect the personal data and privacy of EU citizens. By creating this log metric filter and alarm, you can monitor and respond to any unauthorized or suspicious changes to your CloudTrail configuration that might impact compliance with GDPR.
Troubleshooting Steps:
Necessary Codes:
There are no specific codes required for this rule.
Step-by-Step Guide for Remediation:
Step 1: Configure CloudTrail Log Metric Filter
Note: Update the{ ($.eventName = "UpdateTrail") && ($.requestParameters.name = "GDPR-Trail") }
GDPR-Trail
with the actual name of your CloudTrail trail that is used for GDPR compliance.Step 2: Create CloudWatch Alarm
Summary:
By following the above steps, you will configure a CloudTrail log metric filter and alarm to monitor any changes made to the CloudTrail configuration related to GDPR. This will help ensure compliance with GDPR regulations and provide timely notifications to investigate any unauthorized or suspicious changes.