CloudTrail Rule Set Compliance Matrix


 

CloudTrail Rule Sets Overview

Threat Stack provides a CloudTrail Rule Set to help you get started on your security journey. We recognize that the CloudTrail Rule Set may not meet your organization's specific needs, so we created alternate compliance rule sets based on:

  • HIPAA
  • ISO 27001
  • MPAA
  • PCI
  • SOC2

CloudTrail Rule Sets

To help clarify how these other compliance rule sets compare to the CloudTrail Base Rule Set, we created comparison charts for each compliance rule set.

HIPAA

CloudTrail Rule Set | Supports Criteria
CloudTrail: Access Denied | N/A
CloudTrail: CloudTrail Admin Activity | N/A
CloudTrail: AWS Kinesis Service | N/A
CloudTrail: AWS Support Case Changes | N/A
CloudTrail: AWS Support Information Discovery | N/A
CloudTrail: Certificate Manager Changes | N/A
CloudTrail: Certificate Manager Information Discovery | N/A
CloudTrail: Console Login by Root | HIPAA 164.308(a)(5)(ii)(C)
CloudTrail: Console Login: MFA Not Used | HIPAA 164.308(a)(5)(ii)(C)
CloudTrail: Console Login: Root Password Change | HIPAA 164.308(a)(5)(ii)(D)
CloudTrail: DirectConnect Information Discovery | N/A
CloudTrail: DirectConnect Policy Changes | N/A
CloudTrail: DynamoDB Backup Created | N/A
CloudTrail: DynamoDB Backup Deleted | N/A
CloudTrail: DynamoDB Describe Database Components | N/A
CloudTrail: DynamoDB List Database Components | N/A
CloudTrail: DynamoDB Table Created | N/A
CloudTrail: DynamoDB Table Deleted | N/A
CloudTrail: EC2 KeyPair Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Security Group Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Information Discovery | N/A
CloudTrail: EC2 RunInstances | N/A
CloudTrail: EC2 Service Changes | HIPAA 164.312(c)(1)
CloudTrail: EC2 Instance in Non-Standard Region | HIPAA 164.312(c)(1)
CloudTrail: EC2 Started with Non-Standard Image ID | HIPAA 164.312(c)(1)
CloudTrail: EC2 Started in Non-Standard VPC | HIPAA 164.312(c)(1)
CloudTrail: EC2 Wide Open Security Group | HIPAA 164.312(c)(1)
CloudTrail: ECS Account Setting Changes | N/A
CloudTrail: ECS Attribute Changes | N/A
CloudTrail: ECS Cluster Changes | N/A
CloudTrail: ECS Container Instance Changes | N/A
CloudTrail: ECS Resource Tag Changes | N/A
CloudTrail: ECS Service Changes | N/A
CloudTrail: ECS Task Definition Changes | N/A
CloudTrail: ECS Task State Changes | N/A
CloudTrail: ECS UpdateContainerAgent | N/A
CloudTrail: EKS Cluster Changes | N/A
CloudTrail: ELB Changes | N/A
CloudTrail: ELB Information Discovery | N/A
CloudTrail: ELB Listener Changes | N/A
CloudTrail: ELB Rule Changes | N/A
CloudTrail: ELB Target Changes | N/A
CloudTrail: Glacier Vault Changes | N/A
CloudTrail: Glacier Vault Information Discovery | N/A
CloudTrail: IAM Access Key Changes | N/A
CloudTrail: IAM Discovery | N/A
CloudTrail: IAM GetAccountAuthorizationDetails | N/A
CloudTrail: IAM Group Changes | N/A
CloudTrail: IAM Instance Profile Changes | N/A
CloudTrail: IAM Policy Changes | N/A
CloudTrail: IAM Role Changes | N/A
CloudTrail: IAM SAML Changes | N/A
CloudTrail: IAM SSH Key Changes | N/A
CloudTrail: IAM User Changes | N/A
CloudTrail: KMS Key Activity | N/A
CloudTrail: Lambda Function Created | N/A
CloudTrail: Lambda Function Deleted | N/A
CloudTrail: Lambda Permission Changes | N/A
CloudTrail: RDS Changes | N/A
CloudTrail: RDS Information Discovery | N/A
CloudTrail: Route53 DNS Record Changes | N/A
CloudTrail: Route53 DNS Zone Created | N/A
CloudTrail: Route53 DNS Zone Deleted | N/A
CloudTrail: Route53 ListHostedZones | N/A
CloudTrail: S3 Bucket Policy Changes | HIPAA 164.312(c)(1)
CloudTrail: S3 Create Bucket | HIPAA 164.312(c)(1)
CloudTrail: S3 Delete Bucket | HIPAA 164.312(c)(1)
CloudTrail: S3 File Tracking | HIPAA 164.312(c)(1)
CloudTrail: SES Changes | N/A
CloudTrail: SES Information Discovery | N/A
CloudTrail: SNS Changes | N/A
CloudTrail: SNS Information Discovery | N/A
CloudTrail: SQS Changes | N/A
CloudTrail: SQS Information Discovery | N/A
CloudTrail: STS AssumeRole | N/A
CloudTrail: STS GetCallerIdentity | N/A
CloudTrail: STS GetFederationToken | N/A
CloudTrail: STS GetSessionToken | N/A
CloudTrail: VPC ACL Changes | N/A
CloudTrail: VPC ACL Information Discovery | N/A
CloudTrail: VPC Changes | N/A
CloudTrail: VPC Information Discovery | N/A
CloudTrail: VPC Interface Changes | N/A
CloudTrail: VPC Interface Information Discovery | N/A
CloudTrail: VPC Route Changes | N/A
CloudTrail: VPC Subnet Changes | N/A
CloudTrail: VPC Subnet Information Discovery | N/A
 