Logging and monitoring

Create a Metric Alarm and Filter for route table changes

Risk Level

Informational (4)

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. Routing tables are used to route network traffic between subnets and to network gateways. Monitoring changes to route tables will help ensure that all VPC traffic flows through an expected path.
Recommended Mitigation

It is recommended that a metric filter and alarm be established for changes to route tables.
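
One way to implement this recommendation with the AWS CLI, as an added example that is not part of the original page. The filter matches the EC2 API calls that modify route tables as CloudTrail records them in `eventName`; the metric, namespace and alarm names, the `AWS_CMD` dry-run variable, and the log group and SNS topic arguments are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Metric, namespace and alarm names below are placeholders.

# EC2 API calls that modify route tables, as recorded in CloudTrail's eventName.
ROUTE_EVENTS="CreateRoute CreateRouteTable ReplaceRoute ReplaceRouteTableAssociation DeleteRouteTable DeleteRoute DisassociateRouteTable"

# Build the CloudWatch Logs filter pattern:
#   { ($.eventName = A) || ($.eventName = B) || ... }
route_table_filter_pattern() {
  local pattern="" ev
  for ev in $ROUTE_EVENTS; do
    pattern="${pattern:+$pattern || }(\$.eventName = $ev)"
  done
  printf '{ %s }' "$pattern"
}

# Create the metric filter on the CloudTrail log group, then an alarm that
# notifies an SNS topic on the first matching event.
#   $1 = CloudWatch Logs group that receives CloudTrail events
#   $2 = ARN of the SNS topic to notify
# Set AWS_CMD=echo (hypothetical helper variable) to print the commands only.
create_route_table_alarm() {
  local log_group="$1" sns_topic_arn="$2" aws_cmd="${AWS_CMD:-aws}"
  local metric="RouteTableChanges" namespace="CloudTrailMetrics"  # placeholders

  "$aws_cmd" logs put-metric-filter \
    --log-group-name "$log_group" \
    --filter-name "$metric" \
    --filter-pattern "$(route_table_filter_pattern)" \
    --metric-transformations "metricName=$metric,metricNamespace=$namespace,metricValue=1" || return 1

  # The metric only receives data when an event matches, so missing data
  # is treated as "not breaching" rather than leaving the alarm undetermined.
  "$aws_cmd" cloudwatch put-metric-alarm \
    --alarm-name "$metric" \
    --metric-name "$metric" \
    --namespace "$namespace" \
    --statistic Sum \
    --period 300 \
    --evaluation-periods 1 \
    --threshold 1 \
    --comparison-operator GreaterThanOrEqualToThreshold \
    --treat-missing-data notBreaching \
    --alarm-actions "$sns_topic_arn"
}
```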