Medium RDS Regional

Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs

NIST 800-53, PCI DSS v4.0.1, ISO 27001, HIPAA

Description

Checks whether an Amazon Aurora MySQL DB cluster is configured to publish audit logs to Amazon CloudWatch Logs. Audit logs capture a record of database activity, including login attempts, data modifications, schema changes, and other events, and can be reviewed for security and compliance purposes. Publishing audit logs from an Aurora MySQL DB cluster to a log group in Amazon CloudWatch Logs lets users perform real-time analysis of the log data, and CloudWatch Logs retains the logs in highly durable storage.


Remediation

To remediate this issue, enable audit log publishing to CloudWatch Logs for your Aurora MySQL DB clusters.

Steps

  1. Go to the AWS RDS console
  2. Select the Aurora MySQL DB cluster
  3. Go to the 'Logs & events' tab
  4. Enable 'Audit logs' in the CloudWatch Logs exports section
  5. Choose or create a CloudWatch Logs log group
  6. Save the changes and wait for the configuration to apply
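The same check can be run programmatically. The following is an added example, not part of the original check definition: it evaluates a `DescribeDBClusters` response for Aurora MySQL clusters missing the `audit` export and builds the matching `modify_db_cluster` arguments. The cluster names and sample response are constructed, and the helper function names are hypothetical.

```python
import json

AURORA_MYSQL_ENGINES = {"aurora-mysql"}  # Engine value reported by DescribeDBClusters

# Constructed sample shaped like a DescribeDBClusters response (not real data).
SAMPLE_RESPONSE = json.loads("""
{"DBClusters": [
  {"DBClusterIdentifier": "orders-prod", "Engine": "aurora-mysql",
   "EnabledCloudwatchLogsExports": ["audit", "error"]},
  {"DBClusterIdentifier": "billing-prod", "Engine": "aurora-mysql",
   "EnabledCloudwatchLogsExports": ["error", "slowquery"]},
  {"DBClusterIdentifier": "legacy-dev", "Engine": "aurora-mysql"},
  {"DBClusterIdentifier": "analytics-pg", "Engine": "aurora-postgresql",
   "EnabledCloudwatchLogsExports": ["postgresql"]}
]}
""")

def find_noncompliant(clusters):
    """Return identifiers of Aurora MySQL clusters that do not export 'audit'."""
    failing = []
    for cluster in clusters:
        if cluster.get("Engine") not in AURORA_MYSQL_ENGINES:
            continue  # other engines are out of scope for this check
        # The key may be absent or empty when no log exports are enabled.
        if "audit" not in cluster.get("EnabledCloudwatchLogsExports", []):
            failing.append(cluster["DBClusterIdentifier"])
    return failing

def remediation_call(cluster_id):
    """Build kwargs for rds.modify_db_cluster; EnableLogTypes adds to existing exports."""
    return {
        "DBClusterIdentifier": cluster_id,
        "CloudwatchLogsExportConfiguration": {"EnableLogTypes": ["audit"]},
        "ApplyImmediately": True,
    }

def scan_region(region):
    """Live variant: needs boto3 and the rds:DescribeDBClusters permission."""
    import boto3  # imported lazily so the offline sample runs without it
    rds = boto3.client("rds", region_name=region)
    clusters = []
    for page in rds.get_paginator("describe_db_clusters").paginate():
        clusters.extend(page["DBClusters"])
    return find_noncompliant(clusters)

if __name__ == "__main__":
    for cid in find_noncompliant(SAMPLE_RESPONSE["DBClusters"]):
        print("FAIL", cid, remediation_call(cid))
```

Because the check is regional, run `scan_region` once per region in use. Enabling the export only ships what the engine records, so the cluster's DB cluster parameter group must also have `server_audit_logging` turned on.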

Compliance

NIST 800-53, PCI DSS v4.0.1, ISO 27001, HIPAA