Log Group Encryption at Rest Enabled Rule

Rule Description:

Troubleshooting Steps:

2. 1.

   Verify Log Group Encryption Setting:

   • Check if encryption at rest is already enabled for the log groups.
   • Navigate to the AWS Management Console and open the CloudWatch service.
   • Go to the "Log groups" section and search for the relevant log group.
   • Click on the log group and look for the "Encryption" setting.
4. 2.

   Enable Encryption at Rest:

   • If encryption at rest is not already enabled, you will need to enable it.
   • Select the log group that needs encryption enabled.
   • Click on the "Actions" dropdown menu, then select "Modify log group".
   • Under "Encryption (optional)", choose the encryption option that aligns with NIST CSF v1 requirements.
   • Save the changes.

Necessary Codes:

Remediation Steps:

2. 1.

   Open the AWS Management Console and navigate to the CloudWatch service.

4. 2.

   From the CloudWatch dashboard, click on "Log groups" in the left sidebar.

6. 3.

   Search for the relevant log group that needs encryption enabled, and click on it.

8. 4.

   On the log group details page, click on the "Actions" dropdown menu above the log events.

10. 5.

    Select "Modify log group" from the available options.

12. 6.

    In the "Modify log group" dialog box, scroll down to the "Encryption (optional)" section.

14. 7.

    Choose the encryption option that aligns with the NIST CSF v1 requirements. This can be done by selecting an appropriate KMS key or using the default CMK.

16. 8.

    Once you have selected the encryption option, click on the "Save" button to apply the changes.

18. 9.

    Verify that the encryption at rest is now enabled for the log group by checking the "Encryption" setting on the log group details page.