Control: AWS > NIST 800-53 > CloudTrail > CloudTrail trail log file validation should be enabled

Utilize AWS CloudTrail log file validation to check the integrity of CloudTrail logs. Log file validation helps determine if a log file was modified or deleted or unchanged after CloudTrail delivered it. This feature is built using industry standard algorithms: SHA-256 for hashing and SHA-256 with RSA for digital signing. This makes it computationally infeasible to modify, delete or forge CloudTrail log files without detection.

Resource Types

This control targets the following resource types:

AWS > CloudTrail > Trail

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailValidationEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailValidationEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailValidationEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/cloudTrailTrailValidationEnabled"