MSK Cluster Logging Disabled
- Query id: 2f56b7ab-7fba-4e93-82f0-247e5ddeb239
- Query name: MSK Cluster Logging Disabled
- Platform: Terraform
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: Github
Description¶
Ensure MSK Cluster Logging is enabled
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_msk_cluster" "positive1" {
logging_info {
broker_logs {
cloudwatch_logs {
enabled = false
log_group = aws_cloudwatch_log_group.test.name
}
firehose {
delivery_stream = aws_kinesis_firehose_delivery_stream.test_stream.name
}
}
}
}
resource "aws_msk_cluster" "positive2" {
}