top of page
CloudWatch.4
Ensure a log metric filter and alarm exist for IAM policy changes
Severity
Cloud Platforms
Resources
Related Standards
Automated
LOW
AWS
Amazon CloudWatch
AWS CIS Foundations v1.2 & v1.4, CIS v8, CDR, ISO27001, SOC2, NIST CSF,
YES
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. It is recommended that a metric filter and alarm be established changes made to Identity and Access Management (IAM) policies.
bottom of page