Medium EC2 Regional

EC2 VPN connections should have logging enabled

CIS AWS Foundations Benchmark v3.0.0, CIS AWS Foundations Benchmark v3.5.3, PCI DSS v4.0.1, PCI DSS v10.4.2

Description

This control checks whether EC2 Site-to-Site VPN connections deliver tunnel activity logs to Amazon CloudWatch Logs. Logging is configured per tunnel, and each Site-to-Site VPN connection has two tunnels, so a connection only counts as logged when both tunnels have CloudWatch logging enabled. The control fails if logging is not enabled for the connection's tunnels.


Remediation

To enable logging for an EC2 Site-to-Site VPN connection, turn on the tunnel activity log for each of its two tunnels and point it at a CloudWatch Logs log group. Create or choose the log group first; log retention is a property of the log group, not of the VPN connection. Change one tunnel at a time: modifying tunnel options can interrupt the tunnel being changed, and with the other tunnel still up the connection stays available.

Steps

  1. Open the Amazon VPC console
  2. Navigate to Site-to-Site VPN Connections
  3. Select the VPN connection you want to configure
  4. Choose 'Actions' and then 'Modify VPN tunnel options'
  5. Select the tunnel to change by its outside IP address
  6. Under 'Tunnel activity log', select 'Enable', choose the CloudWatch Logs log group and the output format (json or text)
  7. Save the changes, wait for the connection to return to the 'available' state, then repeat steps 4 to 7 for the second tunnel
  8. Verify with `aws ec2 describe-vpn-connections` that `LogOptions.CloudWatchLogOptions.LogEnabled` is `true` for both tunnels of the connection
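The check and the remediation above, as an added example that is not part of this page: a Python script that evaluates `aws ec2 describe-vpn-connections` output the way the control does (per tunnel, both tunnels required) and emits one `aws ec2 modify-vpn-tunnel-options` command per tunnel that still lacks logging. The sample response, the VPN connection IDs, the outside IP addresses and the log group ARN are all constructed for the example; the `--tunnel-options` JSON shape follows the EC2 ModifyVpnTunnelOptions API.

```python
"""Evaluate and remediate EC2 Site-to-Site VPN tunnel logging (added example)."""
import json
import shlex
import sys

# Constructed sample shaped like `aws ec2 describe-vpn-connections --output json`,
# trimmed to the fields this check reads. IDs, IPs and the ARN are made up.
LOG_GROUP_ARN = "arn:aws:logs:us-east-1:123456789012:log-group:/aws/vpn/tunnel-logs:*"
SAMPLE_DESCRIBE_OUTPUT = {
    "VpnConnections": [
        {   # both tunnels log to CloudWatch: PASS
            "VpnConnectionId": "vpn-0a1b2c3d4e5f60001",
            "State": "available",
            "Options": {"TunnelOptions": [
                {"OutsideIpAddress": "203.0.113.10",
                 "LogOptions": {"CloudWatchLogOptions": {
                     "LogEnabled": True, "LogGroupArn": LOG_GROUP_ARN, "LogOutputFormat": "json"}}},
                {"OutsideIpAddress": "203.0.113.11",
                 "LogOptions": {"CloudWatchLogOptions": {
                     "LogEnabled": True, "LogGroupArn": LOG_GROUP_ARN, "LogOutputFormat": "json"}}},
            ]},
        },
        {   # only one tunnel logs: still FAIL, the control wants both
            "VpnConnectionId": "vpn-0a1b2c3d4e5f60002",
            "State": "available",
            "Options": {"TunnelOptions": [
                {"OutsideIpAddress": "203.0.113.20",
                 "LogOptions": {"CloudWatchLogOptions": {
                     "LogEnabled": True, "LogGroupArn": LOG_GROUP_ARN, "LogOutputFormat": "json"}}},
                {"OutsideIpAddress": "203.0.113.21",
                 "LogOptions": {"CloudWatchLogOptions": {"LogEnabled": False}}},
            ]},
        },
        {   # never configured: no LogOptions key at all
            "VpnConnectionId": "vpn-0a1b2c3d4e5f60003",
            "State": "available",
            "Options": {"TunnelOptions": [
                {"OutsideIpAddress": "203.0.113.30"},
                {"OutsideIpAddress": "203.0.113.31"},
            ]},
        },
    ]
}


def tunnel_logging_enabled(tunnel):
    """True only when CloudWatch logging is explicitly enabled for this tunnel."""
    cw = tunnel.get("LogOptions", {}).get("CloudWatchLogOptions", {})
    return cw.get("LogEnabled") is True


def evaluate(describe_output):
    """Map each VPN connection ID to the outside IPs of its tunnels without logging.

    An empty list means the connection passes. A connection that reports no
    tunnel options at all cannot be logging, so it is marked failing too.
    """
    results = {}
    for conn in describe_output.get("VpnConnections", []):
        tunnels = conn.get("Options", {}).get("TunnelOptions", [])
        if not tunnels:
            results[conn["VpnConnectionId"]] = ["(no tunnel options reported)"]
            continue
        results[conn["VpnConnectionId"]] = [
            t.get("OutsideIpAddress", "?") for t in tunnels if not tunnel_logging_enabled(t)
        ]
    return results


def failing_connections(describe_output):
    """Sorted IDs of connections the control would report as FAIL."""
    return sorted(vpn_id for vpn_id, bad in evaluate(describe_output).items() if bad)


def remediation_commands(describe_output, log_group_arn, region="us-east-1"):
    """One `aws ec2 modify-vpn-tunnel-options` command per non-compliant tunnel.

    Run them one at a time per connection so the other tunnel stays up.
    """
    cmds = []
    for conn in describe_output.get("VpnConnections", []):
        for t in conn.get("Options", {}).get("TunnelOptions", []):
            if tunnel_logging_enabled(t) or "OutsideIpAddress" not in t:
                continue
            tunnel_opts = {"LogOptions": {"CloudWatchLogOptions": {
                "LogEnabled": True, "LogGroupArn": log_group_arn, "LogOutputFormat": "json"}}}
            cmds.append(" ".join([
                "aws ec2 modify-vpn-tunnel-options", "--region", region,
                "--vpn-connection-id", conn["VpnConnectionId"],
                "--vpn-tunnel-outside-ip-address", t["OutsideIpAddress"],
                "--tunnel-options", shlex.quote(json.dumps(tunnel_opts)),
            ]))
    return cmds


if __name__ == "__main__":
    # Pipe real output in, e.g. `aws ec2 describe-vpn-connections --output json | python3 this.py`
    data = SAMPLE_DESCRIBE_OUTPUT if sys.stdin.isatty() else json.load(sys.stdin)
    for vpn_id, bad in evaluate(data).items():
        print(f"{vpn_id}: {'PASS' if not bad else 'FAIL ' + ', '.join(bad)}")
    print("\n".join(remediation_commands(data, LOG_GROUP_ARN)))
```

The evaluation is deliberately strict: a tunnel passes only when `LogEnabled` is literally `true`, so a missing `LogOptions` block, a `false`, or a malformed value all count as not logged, which matches how the control treats a connection that was never configured.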

Compliance

  - CIS AWS Foundations Benchmark v3.0.0
  - CIS AWS Foundations Benchmark v3.5.3
  - PCI DSS v4.0.1
  - PCI DSS v10.4.2