NASA-PDS / planetary-data-cloud

PDS Cloud Migration documentation, issue, tracking and simple tools for assisting in the PDS hybrid cloud study and migration efforts.
Apache License 2.0

[SECURITY] Ensure CloudFront distributions have logging enabled-PDS #108

Closed viviant100 closed 4 days ago

viviant100 commented 1 month ago

Checked for duplicates

Yes - I've already checked

🐛 Describe the vulnerability

Per MCP ticket (GSD-3259), due date is 6/1/24 to enable logging on both dev and test env:

AWS suggests the following remediation step(s). (See remediation instructions)

To configure access logging for a CloudFront distribution, see Configuring and using standard logs (access logs) in the Amazon CloudFront Developer Guide.

We ask that you initiate and complete remediation of the non-compliant resources within 30 days of this notice. We understand that this may require technical planning and that you may require additional time beyond our projected timeline. If so, please coordinate herein regarding an exemption from our process and a proposed timeline.


tloubrieu-jpl commented 1 month ago

Ready for review by the SAs; @eddiesarevalo and @viviant100 will present the feature to them at a meeting.

tloubrieu-jpl commented 1 month ago

@viviant100 is reviewing the logging with MCP.

viviant100 commented 1 month ago

Reviewed, and the compliance status went from failed to pass. Waiting for Gabe's confirmation before we apply the changes to other CloudFront instances in the dev and test environments.

tloubrieu-jpl commented 2 weeks ago

The same configuration has been applied to all deployments in dev. Next the configuration will be deployed in test by @viviant100 or the SAs.

viviant100 commented 2 weeks ago

I verified that the logging fix passed the Security Hub check in the dev venue.
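
An added example, not part of the original thread or the PDS project's code: one way to check every CloudFront distribution in a venue for the logging setting this ticket asks for, alongside the Security Hub result. It assumes a boto3 CloudFront client; the function names, distribution IDs and bucket name are constructed for illustration.

```python
"""Audit CloudFront distributions for standard (access) logging."""

# Constructed sample configs (placeholder IDs and bucket), shaped like the
# DistributionConfig dict returned by get_distribution_config.
SAMPLE_CONFIGS = {
    "EXAMPLEDIST1": {"Logging": {"Enabled": True, "IncludeCookies": False,
                                 "Bucket": "example-logs.s3.amazonaws.com",
                                 "Prefix": "cloudfront/"}},
    "EXAMPLEDIST2": {"Logging": {"Enabled": False, "IncludeCookies": False,
                                 "Bucket": "", "Prefix": ""}},
}


def logging_finding(dist_id, dist_config):
    """Return None if standard logging is configured, else a reason string."""
    log = dist_config.get("Logging") or {}
    if not log.get("Enabled"):
        return f"{dist_id}: standard logging disabled"
    if not log.get("Bucket"):
        return f"{dist_id}: logging enabled but no S3 bucket set"
    return None


def audit(client):
    """Check every distribution visible to a boto3 CloudFront client."""
    findings = []
    for page in client.get_paginator("list_distributions").paginate():
        # "Items" may be missing when a page holds no distributions.
        for summary in page["DistributionList"].get("Items", []):
            # The list summary carries no Logging block; fetch the full config.
            cfg = client.get_distribution_config(Id=summary["Id"])
            reason = logging_finding(summary["Id"], cfg["DistributionConfig"])
            if reason:
                findings.append(reason)
    return findings


if __name__ == "__main__":
    # Offline run over the constructed samples. Against a real venue:
    #   import boto3; print(audit(boto3.client("cloudfront")))
    for dist_id, cfg in SAMPLE_CONFIGS.items():
        print(logging_finding(dist_id, cfg) or f"{dist_id}: ok")
```

An empty list from `audit` means every distribution the credentials can see has the `Logging` block enabled with a bucket set; run it once per venue (dev, test) with that venue's credentials.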