Create a Metric Alarm and Filter for disabling or scheduled deletion of customer created CMKs

Logging and monitoring

Create a Metric Alarm and Filter for disabling or scheduled deletion of customer created CMKs

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS CIS
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
CSA CCM
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. Data encrypted with disabled or deleted keys will no longer be accessible.

Recommended Mitigation

It is recommended that a metric filter and alarm be established for customer created CMKs which have changed state to disabled or scheduled deletion.

Create a Metric Alarm and Filter for disabling or scheduled deletion of customer created CMKs

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS