github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/cloudwatch/AVD-AWS-0157/docs.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/cloudwatch/AVD-AWS-0157/docs.md (about)

     1  
     2  You can do real-time monitoring of API calls by directing CloudTrail logs to CloudWatch Logs and establishing corresponding metric filters and alarms.   
     3  NACLs are used as a stateless packet filter to control ingress and egress traffic for subnets in a VPC.                                               
     4                                                                                
     5  CIS recommends that you create a metric filter and alarm for changes to NACLs. Monitoring these changes helps ensure that AWS resources and services aren't unintentionally exposed.
     6  
     7  ### Impact
     8  Network ACLs control the ingress and egress, changes could be made to maliciously allow egress of data or external ingress. Without alerting, this could go unnoticed.
     9  
    10  <!-- DO NOT CHANGE -->
    11  {{ remediationActions }}
    12  
    13  ### Links
    14  - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudwatch-alarms-for-cloudtrail.html
    15  
    16