Clouds Without Global API Accounting

This bot inspects all configured cloud accounts for the presence of API Accounting services such as AWS CloudTrail across all regions. Having this enabled ensures that all cloud activity both within the native cloud console as well as via the programmatic API are captured for audit and tracking purposes.

Recommended Action

Enable and activate an API accounting configuration in each region for all cloud accounts. This will help identifty and mitigate external threats and potential intrusions to your cloud footprint.

Severity

High

Resource Types Inspected

Organization Services (Cloud Accounts)

Reactive Hookpoints

resource.modified