Op Description
Ensure accounts have properly configured monitoring and alerting (e.g. CLoudTrail). This Op is unnecessary if you are using the centralized monitoring configuration.
Supported Services:
CloudTrail, Config, CloudWatch, GuardDuty, S3
Summary:
This Op properly configures a recommended baseline monitoring and alerting infrastructure for AWS accounts. This is the local account version that does not centralize logs and alerts. Use the *Integrate with central monitoring* Op if you want the account linked into the DisruptOPS centralized infrastructure. This Op enables CloudTrail in all regions, saves the logs to a new (local) S3 bucket, streams the activity to CloudWatch, and enables Config and GuardDuty. It can optionally run the *Implement local account security alerts* Op. It then monitors the account to maintain the configuration over time.
Supported Issue Types:
- Account is not configured with recommended monitoring and alerting configuration
- Monitoring and alerting exists but does not match required configuration
- CloudTrail/Config/CloudWatch/GuardDuty is not configured correctly and should be repaired
Supported Actions:
- Implement local monitoring and alerting configuration
- Repair non-compliant monitoring and alerting configuration
Platform:
