Risk Management Example - CloudTrail should be enabled across all regions
Description
This policy checks if CloudTrail is enabled in all regions. It is a compliance and security best practice to turn on CloudTrail across different regions to get a complete audit trail of activities across various AWS services.
After the policy is enabled, a finding is generated whenever CloudTrail is disabled in any of the available AWS regions.
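The check described above can be reproduced over CloudTrail API output. This is an added example, not the product's own policy logic: it assumes trail entries shaped like the `trailList` items from DescribeTrails and the `IsLogging` value from GetTrailStatus, and the function name, account ID, trail names and regions are constructed for illustration.

```python
"""Added example: flag AWS regions with no actively logging CloudTrail trail."""
from typing import Dict, Iterable, List


def regions_without_cloudtrail(
    regions: Iterable[str],
    trails: List[dict],
    is_logging: Dict[str, bool],
) -> List[str]:
    """Return the sorted regions that no actively logging trail covers.

    trails: entries shaped like the trailList items from DescribeTrails.
    is_logging: TrailARN -> IsLogging value from GetTrailStatus.
    """
    all_regions = set(regions)
    covered = set()
    for trail in trails:
        # A trail that exists but has logging stopped gives no coverage.
        if not is_logging.get(trail["TrailARN"], False):
            continue
        if trail.get("IsMultiRegionTrail", False):
            covered |= all_regions  # a multi-region trail applies to all regions
        else:
            covered.add(trail["HomeRegion"])
    return sorted(all_regions - covered)


# Constructed sample data (account ID, trail names and regions are made up).
REGIONS = ["eu-west-1", "us-east-1", "us-west-2"]
EAST = {"TrailARN": "arn:aws:cloudtrail:us-east-1:111122223333:trail/east",
        "HomeRegion": "us-east-1", "IsMultiRegionTrail": False}
WEST = {"TrailARN": "arn:aws:cloudtrail:us-west-2:111122223333:trail/west",
        "HomeRegion": "us-west-2", "IsMultiRegionTrail": False}
ORG = {"TrailARN": "arn:aws:cloudtrail:us-east-1:111122223333:trail/org",
       "HomeRegion": "us-east-1", "IsMultiRegionTrail": True}

if __name__ == "__main__":
    status = {EAST["TrailARN"]: True, WEST["TrailARN"]: False}
    # "west" exists but is stopped; eu-west-1 has no trail at all.
    print(regions_without_cloudtrail(REGIONS, [EAST, WEST], status))
    status[ORG["TrailARN"]] = True
    print(regions_without_cloudtrail(REGIONS, [EAST, WEST, ORG], status))
```

A trail that exists but has logging stopped counts as a gap here, which is the case a simple "does a trail exist" check would miss.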
Configuration Steps
- Go to POLICIES > Risk Management > Predefined tab.
- Locate the policy "CloudTrail should be enabled across all regions" and click the right arrow (>) button to expand it.
- Click the Enabled toggle switch to enable the policy. The default is always turned on.
- Click the Applied To drop-down menu to select the AWS accounts that this policy should apply to.
- Click Save Changes to finish.