ASSESS AND ENFORCE LOCAMANAGE ACCOUNT-LEVEL MONITORING AND ALERTING CONFIGURATION

ASSESS AND ENFORCE LOCAMANAGE ACCOUNT-LEVEL MONITORING AND ALERTING CONFIGURATION2018-12-19T19:00:59-06:00

Project Description

Ensure accounts have properly configured monitoring and alerting (e.g. CLoudTrail). This Op is unnecessary if you are using the centralized monitoring configuration.

Supported Services:

CloudTrail, Config, CloudWatch, GuardDuty, S3

Summary:

This Op properly configures a recommended baseline monitoring and alerting infrastructure for AWS accounts. This is the local account version that does not centralize logs and alerts. Use the *Integrate with central monitoring* Op if you want the account linked into the DisruptOPS centralized infrastructure. This Op enables CloudTrail in all regions, saves the logs to a new (local) S3 bucket, streams the activity to CloudWatch, and enables Config and GuardDuty. It can optionally run the *Implement local account security alerts* Op. It then monitors the account to maintain the configuration over time.

Supported Issue Types:

  • Account is not configured with recommended monitoring and alerting configuration
  • Monitoring and alerting exists but does not match required configuration
  • CloudTrail/Config/CloudWatch/GuardDuty is not configured correctly and should be repaired

Supported Actions:

  • Implement local monitoring and alerting configuration
  • Repair non-compliant monitoring and alerting configuration

Platform:

Project Details

Categories:

Tags: