AWSARCH.IO
Updated 12 days ago
AWS provides detailed instructions on how to set up Athena for ALB access logs. I'm not going to recap the configuration in this blog article, but share 3 of my favorite queries...

If you have an AWS deployment, make sure you turn on AWS Config. It has a whole bunch of built-in rules, and you can add your own to validate the security of your AWS environment as it relates to AWS services. Amazon provides good documentation and a GitHub repo, and SumoLogic has a quick how-to for turning it on. It's straightforward to turn on and use. AWS provides some pre-configured rules, and that's what this AWS environment will validate against. There is a screenshot below of the results. Aside from turning it on, you have to decide which rules are valid for you. For instance, not all S3 buckets have business requirements to replicate, so I'd expect this to always be a noncompliant resource. However, one of my findings yesterday was missing EBS encrypted volumes...

The AWS Certified Solutions..