turbot/aws_compliance

Trigger: Detect & correct CloudTrail trails with log file validation disabled

Detect CloudTrail trails with log file validation disabled and then enable log file validation.

Query

select
  concat(name, ' [', account_id, '/', region, ']') as title,
  name,
  region,
  sp_connection_name as conn
from
  aws_cloudtrail_trail
where
  not log_file_validation_enabled
  and region = home_region;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/Cloudtrail