Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

Severity: Low

Description: This control ensures that CloudWatch log groups have retention period set. CloudWatch log groups will store data infinite number of days. While the costs are not high, this is one of those services that can quietly sneak up and end up costing a fair amount every month. According to the requirement, we can set the retention policy.

Remediation Steps:

Perform following to disable public access to cloud trail bucket :

  1. Login to the AWS Management Console at https://console.aws.amazon.com

  2. Go to CloudWatch in services

  3. In left navigation panel under Logs, select Log groups .

  4. Select the Log group that need to reconfigure.

  5. Select Actions dropdown.

  6. Select the Edit retention setting, select retention days from the dropdown.

  7. Click on Save.

Important:

Reference:

  • No labels