AWS managedservices documentation change
Summary
Changed CloudTrail log retention from 'indefinitely' to '10 years'.
Security assessment
Clarifies security policy for audit logs but lacks evidence of addressing a specific vulnerability. The update improves documentation of security controls without referencing a security incident.
Diff
diff --git a/managedservices/latest/onboardingguide/log-defaults.md b/managedservices/latest/onboardingguide/log-defaults.md index 73d2cd22e..bbdd0d623 100644 --- a//managedservices/latest/onboardingguide/log-defaults.md +++ b//managedservices/latest/onboardingguide/log-defaults.md @@ -18 +18 @@ The logs are retained in CloudWatch Logs as needed (you can configure this), and -You can request a change to log retention for all logs, except AWS CloudTrail logs, which are kept indefinitely for audit and security reasons. +You can request a change to log retention for all logs, except AWS CloudTrail logs, which are kept for 10 years for audit and security reasons.