CloudTrail Logging Disabled
- Query id: d4a73c49-cbaa-4c6f-80ee-d6ef5a3a26f5
- Query name: CloudTrail Logging Disabled
- Platform: Ansible
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: Github
Description¶
Checks if logging is enabled for CloudTrail.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: example
community.aws.cloudtrail:
state: present
name: default
enable_logging: false