terraform-aws-cloudwatch icon indicating copy to clipboard operation
terraform-aws-cloudwatch copied to clipboard

Published 20 hours ago β€’ verified publisher icon terraform-aws-modules

feat: Update CIS-Alarms for unauthorized API calls AWS Benchmark

Open sharonsahadevan opened this issue 3 years ago β€’ 0 comments

Description

AWS CIS check remediation metric filter described in the official documentation ( https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-cis-controls.html) is different from the metric filter written in this terraform module. This metric filter difference is causing a false CIS check security hub. Currently, the security hub is marking the CIS check for unauthorized API call as "failed" reason is "Not valid metric filter found".

Motivation and Context

This PR will fix the false security hub unauthorized API call CIS check failure.

Breaking Changes

There are no breaking changes.

How Has This Been Tested?

Tested in a development environment.

sharonsahadevan avatar Aug 22 '22 07:08 sharonsahadevan