CloudTrail Logging Disabled
- Query id: 4bb76f17-3d63-4529-bdca-2b454529d774
- Query name: CloudTrail Logging Disabled
- Platform: Terraform
- Severity: Medium
- Category: Observability
- CWE: 778
- URL: GitHub
Description
Checks whether logging is enabled for CloudTrail. An aws_cloudtrail resource with enable_logging set to false is reported.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
# This is problematic code for which the query should report a result.
resource "aws_cloudtrail" "positive1" {
  name           = "positive"
  s3_bucket_name = "bucketlog"
  enable_logging = false
}
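
The check described above can be sketched as a small stand-alone scanner. This is an added example, not the query's own code: the function names and the second sample resource (default_on) are assumptions made for illustration, and only literal values are evaluated (variables and expressions are not resolved).

```python
import re

# Header of an aws_cloudtrail resource block; captures the resource name.
RESOURCE_RE = re.compile(r'resource\s+"aws_cloudtrail"\s+"([^"]+)"\s*\{')
# enable_logging assignment inside the block; captures the value token.
ENABLE_RE = re.compile(r'^\s*enable_logging\s*=\s*([^\s}]+)', re.MULTILINE)

def strip_comments(text):
    """Drop # and // line comments so commented-out settings are ignored."""
    return re.sub(r'(?m)(^|\s)(#|//).*$', r'\1', text)

def block_body(text, start):
    """Return the block text from start up to the matching closing brace."""
    depth = 1
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start:i]
    return text[start:]  # unbalanced input: scan to end of file

def disabled_trails(tf_source):
    """Return names of aws_cloudtrail resources with enable_logging = false."""
    text = strip_comments(tf_source)
    findings = []
    for m in RESOURCE_RE.finditer(text):
        setting = ENABLE_RE.search(block_body(text, m.end()))
        # No attribute means no finding: the AWS provider defaults it to true.
        if setting and setting.group(1).strip('"') == "false":
            findings.append(m.group(1))
    return findings

# Constructed sample: the page's positive case plus a trail that only has the
# setting commented out (hypothetical resource, not from the page).
SAMPLE = '''
resource "aws_cloudtrail" "positive1" {
  name           = "positive"
  s3_bucket_name = "bucketlog"
  enable_logging = false
}
resource "aws_cloudtrail" "default_on" {
  name = "default"
  # enable_logging = false
  event_selector { read_write_type = "All" }
}
'''

if __name__ == "__main__":
    print(disabled_trails(SAMPLE))
```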