Cloudtrail logs not configured to use SSE-KMS (Server-Side Encryption, AWS Key Management Service)

Details

This rule checks for adherence to Center for Internet Security (CIS) Recommendation 2.7, Ensure CloudTrail logs are encrypted at rest using KMS CMKs. https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=84

Tags: cloudtrail cis