Control: AWS > NIST 800-53 > Region > At least one enabled trail should be present in a region

AWS CloudTrail can help in non-repudiation by recording AWS Management Console actions and API calls. You can identify the users and AWS accounts that called an AWS service, the source IP address where the calls generated, and the timings of the calls. Details of captured data are seen within AWS CloudTrail Record Contents.

Resource Types

This control targets the following resource types:

AWS > Region

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailEnabled"