Severity: High | Service: CloudTrail | Scope: Regional

At least one CloudTrail trail should be enabled

PCI DSS, ISO 27001, HIPAA

Description

This control checks whether CloudTrail is enabled in your AWS account. The control fails if your account doesn't have at least one CloudTrail trail.
Remediation

To ensure compliance with this control, you need to enable AWS CloudTrail in your AWS account. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.

Steps

  1. Sign in to the AWS Management Console and open the CloudTrail console at https://console.aws.amazon.com/cloudtrail/.
  2. In the CloudTrail console, click on 'Trails' in the left navigation pane.
  3. Click on the 'Create trail' button.
  4. In the 'Trail name' field, enter a name for your trail.
  5. For 'Storage location', create a new S3 bucket or select an existing one to store your CloudTrail logs.
  6. Optionally, you can configure additional settings such as log file encryption with KMS keys, log file validation, and CloudWatch Logs integration.
  7. Click on the 'Create' button to create the trail.
  8. Ensure that the trail is configured to apply to all regions if your AWS environment is multi-regional.
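The same control, evaluated programmatically and remediated with the CLI equivalent of steps 3 to 8. This is an added example, not the scanner's own check or AWS code. The `evaluate()` function takes the response shape of `aws cloudtrail describe-trails` (boto3 `describe_trails()`), passes the control when at least one trail exists, and additionally warns about the step 6 and step 8 settings. The three sample responses are constructed by hand; the trail names, bucket names and KMS key ARN in them are placeholders. `remediate()` needs boto3 and AWS credentials and assumes the S3 bucket already carries a bucket policy that lets cloudtrail.amazonaws.com write to it (the console adds that policy for you in step 5).

```python
"""Check and remediate 'at least one CloudTrail trail' (added example)."""
from __future__ import annotations

from dataclasses import dataclass, field

# Constructed sample: an account with no trail at all (control fails).
SAMPLE_NO_TRAILS = {"trailList": []}

# Constructed sample: one single-region trail, no validation, no KMS key.
SAMPLE_SINGLE_REGION = {"trailList": [{
    "Name": "example-trail",               # placeholder name
    "S3BucketName": "example-trail-logs",  # placeholder bucket
    "HomeRegion": "us-east-1",
    "IsMultiRegionTrail": False,
    "LogFileValidationEnabled": False,
}]}

# Constructed sample: a trail configured the way steps 5 to 8 recommend.
SAMPLE_MULTI_REGION = {"trailList": [{
    "Name": "org-audit-trail",               # placeholder name
    "S3BucketName": "org-audit-trail-logs",  # placeholder bucket
    "HomeRegion": "us-east-1",
    "IsMultiRegionTrail": True,
    "LogFileValidationEnabled": True,
    # placeholder key ARN, not a real key
    "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID",
}]}


@dataclass
class Finding:
    passed: bool        # the control itself: at least one trail exists
    trails: int
    multi_region: bool  # step 8: some trail applies to all regions
    warnings: list[str] = field(default_factory=list)


def evaluate(describe_trails_response: dict) -> Finding:
    """Apply the control to a describe-trails response and collect warnings."""
    trails = describe_trails_response.get("trailList", [])
    finding = Finding(
        passed=bool(trails),
        trails=len(trails),
        multi_region=any(t.get("IsMultiRegionTrail") for t in trails),
    )
    if not trails:
        finding.warnings.append("no CloudTrail trail in this account/region")
        return finding
    if not finding.multi_region:
        finding.warnings.append("no trail applies to all regions (step 8)")
    for t in trails:
        name = t.get("Name", "?")
        if not t.get("LogFileValidationEnabled"):
            finding.warnings.append(f"{name}: log file validation disabled (step 6)")
        if not t.get("KmsKeyId"):
            finding.warnings.append(f"{name}: log files not encrypted with a KMS key (step 6)")
    return finding


def check_account(region: str | None = None) -> Finding:
    """Run the check against a live account (needs boto3 and credentials)."""
    import boto3  # imported here so evaluate() works without boto3 installed
    return evaluate(boto3.client("cloudtrail", region_name=region).describe_trails())


def remediate(trail_name: str, bucket: str, kms_key_id: str | None = None,
              region: str | None = None) -> str:
    """Create a multi-region trail with log file validation and start logging.

    Assumes `bucket` already has a policy granting cloudtrail.amazonaws.com
    s3:GetBucketAcl on the bucket and s3:PutObject under AWSLogs/; without it
    create_trail is rejected. Returns the new trail's ARN.
    """
    import boto3
    ct = boto3.client("cloudtrail", region_name=region)
    params = dict(Name=trail_name, S3BucketName=bucket,
                  IsMultiRegionTrail=True, EnableLogFileValidation=True)
    if kms_key_id:
        params["KmsKeyId"] = kms_key_id
    trail = ct.create_trail(**params)
    # create_trail only defines the trail; delivery starts with start_logging.
    ct.start_logging(Name=trail_name)
    return trail["TrailARN"]


if __name__ == "__main__":
    for label, sample in (("none", SAMPLE_NO_TRAILS),
                          ("single-region", SAMPLE_SINGLE_REGION),
                          ("multi-region", SAMPLE_MULTI_REGION)):
        f = evaluate(sample)
        print(f"{label}: passed={f.passed} multi_region={f.multi_region} {f.warnings}")
```

Note that `describe_trails()` includes shadow trails by default, so a multi-region trail homed in another region still shows up when you query a different region; that is why the single-region sample is the one that trips the step 8 warning.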

Compliance

PCI DSS, ISO 27001, HIPAA