top of page

CloudWatch.4

Ensure a log metric filter and alarm exist for IAM policy changes

Severity

Cloud Platforms

Resources

Related Standards

Automated

LOW

AWS

Amazon CloudWatch

AWS CIS Foundations v1.2 & v1.4, CIS v8, CDR, ISO27001, SOC2, NIST CSF,

YES

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. It is recommended that a metric filter and alarm be established changes made to Identity and Access Management (IAM) policies.

bottom of page