Update Mapping-AWS-nist800-53-.md
austinsonger committed Jun 19, 2024
1 parent 55b206d commit e5baba5
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions docs/Mapping-AWS-nist800-53-.md
Expand Up @@ -19,7 +19,7 @@
| CloudWatchAlarmAction | The CloudWatch alarm does have at least one alarm action, one INSUFFICIENT_DATA action, or one OK action enabled. | AU-6(1), AU-6(5), AU-12(3), AU-14a, AU-14b, CA-2(2), CA-7, CA-7b, PM-14a.1, PM-14b, PM-31, SC-36(1)(a), SI-2a, SI-4(12), SI-5b, SI-5(1) |
| CloudWatchLogGroupEncrypted | The CloudWatch Log Group is encrypted with an AWS KMS key. | AU-9(3), CP-9d, SC-8(3), SC-8(4), SC-13a, SC-28(1), SI-19(4) |
| CloudWatchLogGroupRetentionPeriod | The CloudWatch Log Group does have an explicit retention period configured. | AC-16b, AT-4b, AU-6(3), AU-6(4), AU-6(6), AU-6(9), AU-10, AU-11(1), AU-11, AU-12(1), AU-12(2), AU-12(3), AU-14a, AU-14b, CA-7b, PM-14a.1, PM-14b, PM-21b, PM-31, SC-28(2), SI-4(17), SI-12 |
| CloudWatchLoggroupRetentionPeriodCheck | AWS KMS keys are not scheduled for deletion in AWS Key Management Service (KMS). | SA-9(6), SC-12, SC-12(2), SC-12(6) |
|CloudWatchLoggroupRetentionPeriodCheck| CloudWatch LogGroup retention period is set to specific number of days and is greater than the configured retention period. | AC-16b, AT-4b, AU-6(3), AU-6(4), AU-6(6), AU-6(9), AU-10, AU-11(1), AU-11, AU-12(1), AU-12(2), AU-12(3), AU-14a, AU-14b, CA-7b, PM-14a.1, PM-14b, PM-21b, PM-31, SC-28(2), SI-4(17), SI-12 |
| DMSReplicationNotPublic | The DMS replication instance is public. | AC-2(6), AC-3, AC-3(7), AC-4(21), AC-6, AC-17b, AC-17(1), AC-17(1), AC-17(4)(a), AC-17(9), AC-17(10), MP-2, SC-7a, SC-7b, SC-7c, SC-7(2), SC-7(3), SC-7(7), SC-7(9)(a), SC-7(11), SC-7(12), SC-7(16), SC-7(20), SC-7(21), SC-7(24)(b), SC-7(25), SC-7(26), SC-7(27), SC-7(28), SC-25 |
| DynamoDBAutoScalingEnabled | The provisioned capacity DynamoDB table does have Auto Scaling enabled on it's indexes. | CP-1a.1(b), CP-1a.2, CP-2a, CP-2a.6, CP-2a.7, CP-2d, CP-2e, CP-2(5), CP-2(6), CP-6(2), CP-10, SC-5(2), SC-6, SC-22, SC-36, SI-13(5) |
| DynamoDBInBackupPlan | The DynamoDB table is in an AWS Backup plan. | CP-1(2), CP-2(5), CP-6a, CP-6(1), CP-6(2), CP-9a, CP-9b, CP-9c, CP-10, CP-10(2), SC-5(2), SI-13(5) |
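Review bot: the replacement row for CloudWatchLoggroupRetentionPeriodCheck is written `|CloudWatchLoggroupRetentionPeriodCheck|` with no padding inside the pipes, unlike every other row in this table, and its control list is identical to the CloudWatchLogGroupRetentionPeriod row two lines above. Suggest `| CloudWatchLoggroupRetentionPeriodCheck |` for consistency, plus a few words in the description on how this check differs from CloudWatchLogGroupRetentionPeriod (an explicit retention period being configured versus retention greater than a configured value) so the two rows are not read as duplicates. The text this row carried before, "AWS KMS keys are not scheduled for deletion" mapped to SA-9(6), SC-12, SC-12(2), SC-12(6), no longer appears in the visible part of the table; if that check is still in scope it needs its own row under the correct rule name, and the commit message should say which way that went.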
Expand Down Expand Up @@ -122,5 +122,3 @@
| VPCSGOpenOnlyToAuthorizedPorts | The VPC Security Group restricts IPv4 TCP traffic on unauthorized ports.2 | AC-4(21), AC-17b, AC-17(1), AC-17(1), AC-17(4)(a), AC-17(9), AC-17(10), SC-7a, SC-7c, SC-7(5), SC-7(11), SC-7(12), SC-7(16), SC-7(21), SC-7(24)(b) |
| VPCSubnetAutoAssignPublicIpDisabled | The subnet auto-assigns public IP addresses. | AC-2(6), AC-3, AC-3(7), AC-4(21), AC-6, AC-17b, AC-17(1), AC-17(1), AC-17(4)(a), AC-17(9), AC-17(10), MP-2, SC-7a, SC-7b, SC-7c, SC-7(2), SC-7(3), SC-7(7), SC-7(9)(a), SC-7(11), SC-7(12), SC-7(16), SC-7(20), SC-7(21), SC-7(24)(b), SC-7(25), SC-7(26), SC-7(27), SC-7(28), SC-25 |
| WAFv2LoggingEnabled | The WAFv2 web ACL does have logging enabled. | AC-4(26), AU-2b, AU-3a, AU-3b, AU-3c, AU-3d, AU-3e, AU-3f, AU-6(3), AU-6(4), AU-6(6), AU-6(9), AU-8b, AU-10, AU-12a, AU-12c, AU-12(1), AU-12(2), AU-12(3), AU-12(4), AU-14a, AU-14b, AU-14b, AU-14(3), CA-7b, CM-5(1)(b), IA-3(3)(b), MA-4(1)(a), PM-14a.1, PM-14b, PM-31, SC-7(9)(b), SI-4(17), SI-7(8) |
| | CloudWatch LogGroup retention period is set to specific number of days and is greater than the configured retention period. | AC-16b, AT-4b, AU-6(3), AU-6(4), AU-6(6), AU-6(9), AU-10, AU-11(1), AU-11, AU-12(1), AU-12(2), AU-12(3), AU-14a, AU-14b, CA-7b, PM-14a.1, PM-14b, PM-21b, PM-31, SC-28(2), SI-4(17), SI-12 |
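Review bot: the three rows left in place above the removed orphan row still carry copy errors that this cleanup could take with it: the VPCSGOpenOnlyToAuthorizedPorts description ends in "unauthorized ports.2" (a stray trailing digit), AC-17(1) is listed twice in both VPC rows, and AU-14b is listed twice in the WAFv2LoggingEnabled row. The VPCSubnetAutoAssignPublicIpDisabled description ("The subnet auto-assigns public IP addresses.") also states the failing condition, where rows such as WAFv2LoggingEnabled state the passing one; pick one convention so a reader mapping a finding to controls does not have to guess which state the text describes.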
