Control: AWS > HIPAA > CloudTrail > CloudTrail trail logs should be encrypted with KMS CMK
To help protect sensitive data at rest, ensure encryption is enabled for your Amazon CloudWatch Log Groups.
Resource Types
This control targets the following resource types:
Category
In Your Workspace
Developers
- tmod:@turbot/aws-hipaa#/control/types/cloudTrailTrailLogsEncryptedWithKmsCmk
- tmod:@turbot/turbot#/control/categories/complianceHipaa
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-hipaa#/control/types/cloudTrailTrailLogsEncryptedWithKmsCmk"
Get Controls
Control Type URI
Category URI
GraphQL
CLI