CloudTrail Log File Validation Disabled
- Query id: 52ffcfa6-6c70-4ea6-8376-d828d3961669
- Query name: CloudTrail Log File Validation Disabled
- Platform: Terraform
- Severity: Low
- Category: Observability
- CWE: 778
- URL: Github
Description¶
CloudTrail log file validation should be enabled to determine whether a log file has not been tampered
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_cloudtrail" "positive1" {
name = "positive1"
s3_bucket_name = "bucketlog1"
}
resource "aws_cloudtrail" "positive2" {
name = "positive2"
s3_bucket_name = "bucketlog2"
enable_log_file_validation = false
}