AWS CloudWatch

Overview
Critical
0
High
0
Medium
21
Low
0
Informational
0
Security issues (21)
Severity Non-Compliance Region Resource Issue Remediation Read more Action
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-collector:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-responder:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-scanner:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-scheduler:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/codebuild/InlineSecureScanning:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/eks/beautiful-outfit-1611727262/cluster:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/lambda/HelloWorldFunction:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/transfer/s-4ab6146e87334a43a:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /ecs/console-sample-app-static:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /ecs/first-run-task-definition:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-1 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-1 /aws/lambda/test:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/Sophos-Optix-cloudtrail-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/SophosOptixRegionalResourcesLambda:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/my-function:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/transfer/s-3d3e19784f014b1a9:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 aws-cloudtrail-logs-531239714189-58a7e086:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 aws-cloudtrail-logs-531239714189-f6d6a35f:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 my-trail:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
Log groups (21)
Region Log group Retention Metric filters Size Security issues
us-east-1 /aws/lambda/test-collectorNever expire 0 1 Medium (details)
us-east-1 /aws/lambda/test-responderNever expire 016.56 KB 1 Medium (details)
us-east-1 /aws/lambda/test-scannerNever expire 0 1 Medium (details)
us-east-1 /aws/lambda/test-schedulerNever expire 0 1 Medium (details)
us-east-2 /aws/codebuild/InlineSecureScanningNever expire 042.63 KB 1 Medium (details)
us-east-2 /aws/eks/beautiful-outfit-1611727262/clusterNever expire 03.05 GB 1 Medium (details)
us-east-2 /aws/lambda/HelloWorldFunctionNever expire 11.75 KB 1 Medium (details)
us-east-2 /aws/lambda/Sophos-Optix-flowlogs-fnNever expire 04.41 MB 1 Medium (details)
us-east-2 /aws/transfer/s-4ab6146e87334a43aNever expire 043.17 KB 1 Medium (details)
us-east-2 /ecs/console-sample-app-staticNever expire 01.12 MB 1 Medium (details)
us-east-2 /ecs/first-run-task-definitionNever expire 0 1 Medium (details)
us-west-1 /aws/lambda/Sophos-Optix-flowlogs-fnNever expire 0475.0 bytes 1 Medium (details)
us-west-1 /aws/lambda/testNever expire 0478.0 bytes 1 Medium (details)
us-west-2 /aws/lambda/Sophos-Optix-cloudtrail-fnNever expire 0119.51 MB 1 Medium (details)
us-west-2 /aws/lambda/Sophos-Optix-flowlogs-fnNever expire 016.79 KB 1 Medium (details)
us-west-2 /aws/lambda/SophosOptixRegionalResourcesLambdaNever expire 013.25 KB 1 Medium (details)
us-west-2 /aws/lambda/my-functionNever expire 0300.0 bytes 1 Medium (details)
us-west-2 /aws/transfer/s-3d3e19784f014b1a9Never expire 07.2 MB 1 Medium (details)
us-west-2 aws-cloudtrail-logs-531239714189-58a7e086Never expire 0559.18 MB 1 Medium (details)
us-west-2 aws-cloudtrail-logs-531239714189-f6d6a35fNever expire 031.65 KB 1 Medium (details)
us-west-2 my-trailNever expire 21.99 GB 1 Medium (details)