Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: At Least One Enabled Trail Should Be Present in a Region

This rule ensures there is at least one enabled trail in a specific region for compliance.

RuleAt least one enabled trail should be present in a region
FrameworkGxP EU Annex 11
Severity
Low

Rule Description:

At least one enabled trail should be present in a region for GxP EU Annex 11 compliance. This rule ensures that there is an audit trail in place for tracking any changes or activities related to GxP (Good Practices) processes in accordance with the EU Annex 11 regulations.

Troubleshooting Steps:

If there is no enabled trail present in the region, the following steps can be taken to troubleshoot the issue:

  1. 1.

    Verify enabled trails: Check if any trails are already enabled in the region using the appropriate console or command-line interface.

  2. 2.

    Enable a trail: If no trail exists, enable a trail for the region using the necessary AWS service console or the AWS Command Line Interface (CLI). Make sure to configure the trail to capture the required events and log data necessary for compliance with GxP EU Annex 11.

Necessary Codes (if applicable):

If using the AWS Command Line Interface (CLI), the following code can be used to enable a trail:

aws cloudtrail create-trail --name <trail-name> --s3-bucket-name <bucket-name> --is-multi-region-trail --include-global-service-events

Replace

<trail-name>
with the desired name for the trail and
<bucket-name>
with the name of the S3 bucket where the trail logs will be stored.

Step-by-step Guide for Remediation:

  1. 1.

    Log in to the AWS Management Console.

  2. 2.

    Navigate to the CloudTrail service.

  3. 3.

    Check if any trails are already enabled in the region. If there are no enabled trails, proceed to the next step.

  4. 4.

    Click on the "Create trail" button to create a new trail.

  5. 5.

    Provide a suitable name for the trail in the "Trail name" field.

  6. 6.

    Configure the "S3 bucket" where the trail logs will be stored. You can either select an existing bucket or create a new one.

  7. 7.

    Enable the "Apply trail to all regions" option if you want the trail to capture events from all AWS regions. Enable this option if GxP EU Annex 11 compliance is required across multiple regions.

  8. 8.

    Enable the "Include global service events" option if you want the trail to capture global events such as IAM (Identity and Access Management) changes.

  9. 9.

    Review all the trail settings and click on the "Create" button to enable the trail.

Ensure that the newly created trail is capturing the necessary events according to GxP EU Annex 11 compliance requirements.

By following these steps, you will have at least one enabled trail in the region to comply with the GxP EU Annex 11 regulations.

Is your System Free of Underlying Vulnerabilities?
Find Out Now