Global services are not monitored by exactly one CloudTrail trail Affecting CloudTrail service in AWS
Severity Framework
CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Snyk CCSS
Rule category
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Logging/ Configuration
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-ControlsHIPAANIST-800-53
- Snyk IDSNYK-CC-00129
- creditSnyk Research Team
Description
Exactly one CloudTrail trail should monitor global services. If you have multiple single region trails, AWS recommends configuring your trails so that global service events are delivered in only one of the trails.
How to fix?
Ensure there is exactly one aws_cloudtrail with include_global_service_events set to true.
Example Configuration
resource "aws_cloudtrail" "valid_trail" {
name = "valid_trail"
s3_bucket_name = "${aws_s3_bucket.ct_bucket.id}"
include_global_service_events = true
}