CloudTrail Ruleset Compliance Matrix

 

CloudTrail Rulesets Overview

Threat Stack provides a CloudTrail Ruleset to help you get started on your security journey. We recognize that the CloudTrail Ruleset may not meet your organization's specific needs, so we created alternate compliance rulesets based on:

  • HIPAA
  • ISO 27001
  • MPAA
  • PCI
  • SOC2

CloudTrail Rulesets

To help clarify how these other compliance rulesets compare to the CloudTrail Base Ruleset, we created comparison charts for each compliance ruleset.

HIPAA

CloudTrail Ruleset | Supports Criteria
CloudTrail: Access Denied | N/A
CloudTrail: CloudTrail Admin Activity | N/A
CloudTrail: AWS Kinesis Service | N/A
CloudTrail: AWS Support Case Changes | N/A
CloudTrail: AWS Support Information Discovery | N/A
CloudTrail: Certificate Manager Changes | N/A
CloudTrail: Certificate Manager Information Discovery | N/A
CloudTrail: Console Login by Root | HIPAA 164.308(a)(5)(ii)(C)
CloudTrail: Console Login: MFA Not Used | HIPAA 164.308(a)(5)(ii)(C)
CloudTrail: Console Login: Root Password Change | HIPAA 164.308(a)(5)(ii)(D)
CloudTrail: DirectConnect Information Discovery | N/A
CloudTrail: DirectConnect Policy Changes | N/A
CloudTrail: DynamoDB Backup Created | N/A
CloudTrail: DynamoDB Backup Deleted | N/A
CloudTrail: DynamoDB Describe Database Components | N/A
CloudTrail: DynamoDB List Database Components | N/A
CloudTrail: DynamoDB Table Created | N/A
CloudTrail: DynamoDB Table Deleted | N/A
CloudTrail: EC2 KeyPair Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Security Group Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Information Discovery | N/A
CloudTrail: EC2 RunInstances | N/A
CloudTrail: EC2 Service Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Instance in Non-Standard Region | HIPAA 164.312(c)(1)
CloudTrail: EC2 Started with Non-Standard Image ID | HIPAA 164.312(c)(1)
CloudTrail: EC2 Started in Non-Standard VPC | HIPAA 164.312(c)(1)
CloudTrail: EC2 Wide Open Security Group | HIPAA 164.312(c)(1)
CloudTrail: ECS Account Setting Changes | N/A
CloudTrail: ECS Attribute Changes | N/A
CloudTrail: ECS Cluster Changes | N/A
CloudTrail: ECS Container Instance Changes | N/A
CloudTrail: ECS Resource Tag Changes | N/A
CloudTrail: ECS Service Changes | N/A
CloudTrail: ECS Task Definition Changes | N/A
CloudTrail: ECS Task State Changes | N/A
CloudTrail: ECS UpdateContainerAgent | N/A
CloudTrail: EKS Cluster Changes | N/A
CloudTrail: ELB Changes | N/A
CloudTrail: ELB Information Discovery | N/A
CloudTrail: ELB Listener Changes | N/A
CloudTrail: ELB Rule Changes | N/A
CloudTrail: ELB Target Changes | N/A
CloudTrail: Glacier Vault Changes | N/A
CloudTrail: Glacier Vault Information Discovery | N/A
CloudTrail: IAM Access Key Changes | N/A
CloudTrail: IAM Discovery | N/A
CloudTrail: IAM GetAccountAuthorizationDetails | N/A
CloudTrail: IAM Group Changes | N/A
CloudTrail: IAM Instance Profile Changes | N/A
CloudTrail: IAM Policy Changes | N/A
CloudTrail: IAM Role Changes | N/A
CloudTrail: IAM SAML Changes | N/A
CloudTrail: IAM SSH Key Changes | N/A
CloudTrail: IAM User Changes | N/A
CloudTrail: KMS Key Activity | N/A
CloudTrail: Lambda Function Created | N/A
CloudTrail: Lambda Function Deleted | N/A
CloudTrail: Lambda Permission Changes | N/A
CloudTrail: RDS Changes | N/A
CloudTrail: RDS Information Discovery | N/A
CloudTrail: Route53 DNS Record Changes | N/A
CloudTrail: Route53 DNS Zone Created | N/A
CloudTrail: Route53 DNS Zone Deleted | N/A
CloudTrail: Route53 ListHostedZones | N/A
CloudTrail: S3 Bucket Policy Changes | HIPAA 164.312(c)(1)
CloudTrail: S3 Create Bucket | HIPAA 164.312(c)(1)
CloudTrail: S3 Delete Bucket | HIPAA 164.312(c)(1)
CloudTrail: S3 File Tracking | HIPAA 164.312(c)(1)
CloudTrail: SES Changes | N/A
CloudTrail: SES Information Discovery | N/A
CloudTrail: SNS Changes | N/A
CloudTrail: SNS Information Discovery | N/A
CloudTrail: SQS Changes | N/A
CloudTrail: SQS Information Discovery | N/A
CloudTrail: STS AssumeRole | N/A
CloudTrail: STS GetCallerIdentity | N/A
CloudTrail: STS GetFederationToken | N/A
CloudTrail: STS GetSessionToken | N/A
CloudTrail: VPC ACL Changes | N/A
CloudTrail: VPC ACL Information Discovery | N/A
CloudTrail: VPC Changes | N/A
CloudTrail: VPC Information Discovery | N/A
CloudTrail: VPC Interface Changes | N/A
CloudTrail: VPC Interface Information Discovery | N/A
CloudTrail: VPC Route Changes | N/A
CloudTrail: VPC Subnet Changes | N/A
CloudTrail: VPC Subnet Information Discovery | N/A
 
