Aws Eks Cluster Logging Disabled
Description
Detects Amazon EKS clusters that have disabled logging configurations. When cluster logging is disabled, there is reduced visibility into cluster activities, making it difficult to monitor security events, conduct audits, and investigate potential security incidents.
Detection Strategy
• Retrieves all EKS clusters in the specified AWS region
• For each cluster, examines the logging configuration under the cluster settings
• Reports a vulnerability if any logging configuration entry is found with 'enabled' set to false
• Each disabled logging configuration is reported separately with its specific location in the cluster configuration
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.