Checks/Aws/Test-CloudwatchLogMetricFilterDisableOrScheduledDeletionOfKmsCmk.ps1
function Test-CloudwatchLogMetricFilterDisableOrScheduledDeletionOfKmsCmk {
    <#
    .SYNOPSIS
        Account has a CloudWatch log metric filter and alarm for disabling or scheduled deletion of customer-managed KMS keys

    .DESCRIPTION
        CloudTrail events delivered to CloudWatch are evaluated for a **metric filter and alarm** that monitor **KMS CMK state changes**, specifically `DisableKey` and `ScheduleKeyDeletion` from `kms.amazonaws.com`.

    .PARAMETER Check
        CIEMCheck object containing check metadata.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject[]])]
    param(
        [Parameter(Mandatory)]
        [CIEMCheck]$Check
    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check cloudwatch_log_metric_filter_disable_or_scheduled_deletion_of_kms_cmk for reference.', 'N/A', 'cloudwatch Resources')
}
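The evaluation the description calls for, sketched as an added example that is not part of this module or of Prowler: a metric filter counts only if its pattern covers `kms.amazonaws.com` with both `DisableKey` and `ScheduleKeyDeletion`, and an alarm watches the metric that filter emits. The helper names, the regular expressions and the `Audit` namespace are assumptions; it runs offline on constructed objects rather than calling AWS.

```powershell
# Added example. Helper names are hypothetical; all sample objects are constructed.
function Test-KmsCmkFilterPattern {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$FilterPattern)
    # All three terms must appear. CloudWatch patterns are case-sensitive, so use
    # -cnotmatch; the lookahead keeps DisableKeyRotation from passing as DisableKey.
    $required = @(
        '\$\.eventSource\s*=\s*"?kms\.amazonaws\.com"?',
        '\$\.eventName\s*=\s*"?DisableKey"?(?![A-Za-z])',
        '\$\.eventName\s*=\s*"?ScheduleKeyDeletion"?(?![A-Za-z])'
    )
    foreach ($term in $required) {
        if ($FilterPattern -cnotmatch $term) { return $false }
    }
    return $true
}

function Get-KmsCmkFilterAlarmStatus {
    param([object[]]$MetricFilters, [object[]]$Alarms)
    foreach ($filter in $MetricFilters) {
        if (-not (Test-KmsCmkFilterPattern -FilterPattern $filter.FilterPattern)) { continue }
        foreach ($t in $filter.MetricTransformations) {
            # A filter only counts when an alarm watches the metric it emits.
            $alarm = $Alarms | Where-Object {
                $_.MetricName -ceq $t.MetricName -and $_.Namespace -ceq $t.MetricNamespace
            } | Select-Object -First 1
            [PSCustomObject]@{
                FilterName = $filter.FilterName
                MetricName = $t.MetricName
                AlarmName  = if ($alarm) { $alarm.AlarmName } else { $null }
                Status     = if ($alarm) { 'PASS' } else { 'FAIL' }
            }
        }
    }
}

function New-SampleFilter($Name, $Pattern, $Metric) {
    [PSCustomObject]@{
        FilterName = $Name; FilterPattern = $Pattern
        MetricTransformations = @([PSCustomObject]@{ MetricName = $Metric; MetricNamespace = 'Audit' })
    }
}
$kms = '{($.eventSource = kms.amazonaws.com) && '
$filters = @(
    New-SampleFilter 'cmk-state' ($kms + '(($.eventName=DisableKey)||($.eventName=ScheduleKeyDeletion))}') 'CmkState'
    New-SampleFilter 'rotation' ($kms + '($.eventName=DisableKeyRotation)}') 'CmkRotation'
    New-SampleFilter 'no-alarm' ($kms + '(($.eventName = "DisableKey") || ($.eventName = "ScheduleKeyDeletion"))}') 'CmkNoAlarm'
)
$alarms = @([PSCustomObject]@{ AlarmName = 'cmk-state-alarm'; MetricName = 'CmkState'; Namespace = 'Audit' })
Get-KmsCmkFilterAlarmStatus -MetricFilters $filters -Alarms $alarms | Format-Table
```

With the constructed input, `cmk-state` is reported PASS, `no-alarm` is reported FAIL, and `rotation` produces no row because its pattern covers neither event.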