Medium DocumentDB Regional

Amazon DocumentDB clusters should publish audit logs to CloudWatch Logs

NIST 800-53, PCI DSS v4.0.1, PCI DSS v10.3.3, ISO 27001, HIPAA

Description

This control checks whether an Amazon DocumentDB cluster publishes audit logs to Amazon CloudWatch Logs. The control fails if the cluster doesn't publish audit logs to CloudWatch Logs. Amazon DocumentDB (with MongoDB compatibility) can audit events performed in your cluster, such as successful and failed authentication attempts, dropping a collection in a database, or creating an index. By default, auditing is disabled in Amazon DocumentDB and requires that you take action to enable it. Two settings are involved: the cluster parameter audit_logs (disabled by default) controls whether the engine generates audit events at all, and the cluster's log exports control whether those events are delivered to CloudWatch Logs. Turning on the audit export alone produces no records while audit_logs is still disabled, so a cluster that satisfies this control's check should also be verified against its parameter group.


Remediation

Enable audit logging for your Amazon DocumentDB cluster by setting the audit_logs cluster parameter and configuring CloudWatch Logs export for audit logs. Both are required: the parameter makes the engine generate audit events, and the export delivers them to CloudWatch Logs.

Steps

  1. Open the Amazon DocumentDB console.
  2. Choose 'Parameter groups' from the navigation pane and open the cluster parameter group associated with your cluster. The default parameter groups cannot be modified; if the cluster still uses one, create a custom cluster parameter group, associate it with the cluster, and edit that group instead.
  3. Set the 'audit_logs' parameter to 'enabled' (or to a narrower event category such as 'ddl', 'dml_read', 'dml_write', or 'all') and save the change.
  4. Choose 'Clusters' from the navigation pane.
  5. Select the cluster you want to modify.
  6. Choose 'Modify'.
  7. In the 'Log exports' section, select 'audit' to enable audit logs.
  8. Choose 'Continue' and then 'Modify cluster'.
  9. Confirm that audit events appear in the cluster's CloudWatch Logs log group after performing an action that should be audited, such as a failed login.
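The two-part check described above, written as an added example that is not code from the original page or from AWS. The evaluation runs offline on constructed dicts shaped like the boto3 responses of describe_db_clusters() and describe_db_cluster_parameters(); cluster names, parameter group names and the remediate() helper are assumptions for illustration, and remediate() needs boto3 and credentials, so it is defined but not called.

```python
"""Check and remediate the "DocumentDB audit logs to CloudWatch Logs" control.

Added example; not code from the original page or from AWS. The check runs
offline on constructed dicts shaped like the boto3 responses of
describe_db_clusters() and describe_db_cluster_parameters(). The remediation
helper at the end needs boto3, credentials and a cluster identifier of your
own, so it is defined but not called here.
"""
from typing import Iterable

# Constructed sample data (not real clusters). Field names follow the
# DocumentDB API: DBCluster.EnabledCloudwatchLogsExports lists the log types
# exported to CloudWatch; ParameterName/ParameterValue come from the cluster
# parameter group.
SAMPLE_CLUSTERS = [
    # Export on and audit_logs enabled: the only combination that passes.
    {"DBClusterIdentifier": "orders-prod",
     "DBClusterParameterGroup": "custom-docdb50-audit",
     "EnabledCloudwatchLogsExports": ["audit", "profiler"]},
    # Console 'audit' export ticked, but the cluster still uses a default
    # parameter group where audit_logs is disabled: nothing is ever logged.
    {"DBClusterIdentifier": "orders-staging",
     "DBClusterParameterGroup": "default.docdb5.0",
     "EnabledCloudwatchLogsExports": ["audit"]},
    # Nothing configured at all.
    {"DBClusterIdentifier": "analytics-dev",
     "DBClusterParameterGroup": "default.docdb5.0",
     "EnabledCloudwatchLogsExports": []},
]
SAMPLE_PARAMETERS = {
    "custom-docdb50-audit": [
        {"ParameterName": "audit_logs", "ParameterValue": "enabled"},
        {"ParameterName": "tls", "ParameterValue": "enabled"},
    ],
    "default.docdb5.0": [
        {"ParameterName": "audit_logs", "ParameterValue": "disabled"},
        {"ParameterName": "tls", "ParameterValue": "enabled"},
    ],
}


def evaluate_cluster(cluster: dict, parameters: Iterable[dict]) -> dict:
    """Return PASS/FAIL for one cluster plus the reasons for a FAIL.

    Both conditions must hold: the 'audit' log type is exported to CloudWatch
    Logs, and the audit_logs cluster parameter is not 'disabled' (its other
    values, enabled/ddl/dml_read/dml_write/all, select which event categories
    the engine generates).
    """
    findings = []
    if "audit" not in cluster.get("EnabledCloudwatchLogsExports", []):
        findings.append("audit log export to CloudWatch Logs is not enabled")
    audit_param = next(
        (p for p in parameters if p.get("ParameterName") == "audit_logs"), None)
    # A missing parameter means the engine default, which is disabled.
    value = audit_param["ParameterValue"] if audit_param else "disabled"
    if value == "disabled":
        findings.append("cluster parameter audit_logs is disabled, "
                        "so no audit events are generated")
    return {
        "cluster": cluster["DBClusterIdentifier"],
        "status": "PASS" if not findings else "FAIL",
        "audit_logs": value,
        "findings": findings,
    }


def evaluate_all(clusters: list, parameter_groups: dict) -> dict:
    """Evaluate every cluster; verdicts are keyed by cluster identifier."""
    return {
        c["DBClusterIdentifier"]: evaluate_cluster(
            c, parameter_groups.get(c["DBClusterParameterGroup"], []))
        for c in clusters
    }


def remediate(cluster_id: str, parameter_group: str, region: str) -> None:
    """Apply both settings with boto3 (needs credentials; not run offline).

    parameter_group must be a custom cluster parameter group already
    associated with the cluster; the default.docdb* groups are read-only.
    """
    import boto3  # imported here so the offline check has no dependency
    docdb = boto3.client("docdb", region_name=region)
    docdb.modify_db_cluster_parameter_group(
        DBClusterParameterGroupName=parameter_group,
        Parameters=[{"ParameterName": "audit_logs",
                     "ParameterValue": "enabled",
                     "ApplyMethod": "immediate"}],
    )
    docdb.modify_db_cluster(
        DBClusterIdentifier=cluster_id,
        CloudwatchLogsExportConfiguration={"EnableLogTypes": ["audit"]},
        ApplyImmediately=True,
    )


if __name__ == "__main__":
    for v in evaluate_all(SAMPLE_CLUSTERS, SAMPLE_PARAMETERS).values():
        print(v["cluster"], v["status"], "; ".join(v["findings"]))
```

Running the module prints one line per sample cluster. The orders-staging case is the one to watch for: it would satisfy a check that only looks at EnabledCloudwatchLogsExports, yet it generates no audit events, which is why the evaluation reads the parameter group as well.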
