Risk Level: Low
Cloud Entity: Region
CloudGuard Rule ID: D9.AWS.LOG.04
Region should have configurationRecorders with [allSupported=true]
- Log in to the AWS Management Console at https://console.aws.amazon.com/.
- At the top right of the console select the region you want to focus on.
- Click Services.
- Click Config.
- Define which resources you want to record in the selected region. Include global resources (IAM resources).
- Select an S3 bucket in the same account, or in another managed AWS account.
- Create an SNS Topic from the same AWS account, or from another managed AWS account.
From Command Line
- Ensure there is an appropriate S3 bucket, SNS topic, and IAM role per the AWS Config Service prerequisites.
- Run this command to set up the configuration recorder
aws configservice subscribe --s3-bucket BUCKET_NAME --sns-topic SNS_TOPIC_NAME or ARN --iam-role IAM_ROLE_ARN
- Run this command to start the configuration recorder:
start-configuration-recorder --configuration-recorder-name RECORDER_NAME
Each Amazon EC2 Region is designed to be completely isolated from the other Amazon EC2 Regions. This achieves the greatest possible fault tolerance and stability.
- AWS CIS Foundations v. 1.1.0
- AWS CIS Foundations v. 1.2.0
- AWS CIS Foundations v. 1.3.0
- AWS CIS Foundations v. 1.4.0
- AWS CIS Foundations v. 1.5.0
- AWS CSA CCM v.3.0.1
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS CloudGuard Well Architected Framework
- AWS GDPR Readiness
- AWS HITRUST
- AWS HITRUST v11.0.0
- AWS ISO 27001:2013
- AWS ITSG-33
- AWS LGPD regulation
- AWS MAS TRM Framework
- AWS MITRE ATT&CK Framework v10
- AWS MITRE ATT&CK Framework v11.3
- AWS NIST 800-171
- AWS NIST 800-53 Rev 4
- AWS NIST 800-53 Rev 5
- AWS NIST CSF v1.1
- AWS PCI-DSS 3.2
- AWS PCI-DSS 4.0
Updated 5 months ago