Disabled Neptune logging is detected. Make sure to enable Neptune logging to analyse traffic patterns and troubleshoot security.
1resource "aws_neptune_cluster" "test" {
2 # Noncompliant: Neptune logging is not enabled.
3 cluster_identifier = "neptune-cluster-demo"
4 engine = "neptune"
5 backup_retention_period = 5
6 preferred_backup_window = "07:00-09:00"
7 skip_final_snapshot = true
8 iam_database_authentication_enabled = true
9 apply_immediately = true
10 storage_encrypted = true
11 deletion_protection = true
12 kms_key_arn = aws_kms_key.pike.arn
13}
1resource "aws_neptune_cluster" "test" {
2 cluster_identifier = "neptune-cluster-demo"
3 engine = "neptune"
4 backup_retention_period = 5
5 preferred_backup_window = "07:00-09:00"
6 skip_final_snapshot = true
7 iam_database_authentication_enabled = true
8 apply_immediately = true
9 # Compliant: Neptune logging is enabled.
10 enable_cloudwatch_logs_exports = ["audit"]
11 storage_encrypted = true
12 deletion_protection = true
13 kms_key_arn = aws_kms_key.pike.arn
14}