CloudWatch Log Group Is Not Protected By AWS KMS

Overview

Verify whether CloudWatch log groups are secured with AWS Key Management Service (KMS). Utilizing customer-managed KMS encryption for CloudWatch log groups offers enhanced confidentiality and grants users greater authority over their log data.

Vendor

AWS

Cloud Service

CloudWatch

References

https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_LogGroup.html, https://docs.aws.amazon.com/cli/latest/reference/logs/associate-kms-key.html

Severity

Item Types

AWS::Logs::LogGroup

Overview​

Vendor​

Cloud Service​

References​

Severity​

Item Types​