Not monitoring API calls for root login attempts

Details

This rule checks for adherence to Center for Internet Security (CIS) Recommendation 3.3, Ensure a log metric filter and alarm exist for usage of “root” account. https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=94

Tags: cis