• CloudTrail is a web service that records API activity in an AWS account.
  • It is enabled on an AWS account when the account is created.
  • All activity occurring in an AWS account is recorded as a CloudTrail event.
  • Activity of the past 90 days can be viewed, searched, or downloaded from the Event history view.
  • It logs information on:
    • who made a request
    • the services used
    • the actions performed
    • parameters for the actions
    • the response elements returned by the AWS service.
  • Stores logs in a specific log group.
  • Logs provide specific information on what occurred in the AWS account.
  • Focuses more on AWS API calls made in the AWS account.
  • Helps in meeting compliance and regulatory standards.
  • Usually delivers an event within 15 minutes of the API call.
  • It helps you enable governance, compliance, and operational and risk auditing.
  • CloudTrail records all actions taken, per user, per role, and per service.
  • Events cover all actions in
    • AWS Management Console
    • AWS Command Line Interface
    • AWS SDKs and APIs.
  • A trail is a configuration that delivers event details to a specified S3 bucket.
  • A trail is used for archival and for analysis of changes to AWS resources.
  • Create a trail with:
    • CloudTrail console
    • AWS CLI
    • CloudTrail API
  • Types of trails
    • A trail that applies to all regions – records events in each region. Default option with the console.
    • A trail that applies to one region – records the events in that region only. Default option with AWS CLI or CloudTrail API.
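
The items listed above under "It logs information on" correspond to fields of each CloudTrail event record. The following is an added example, not part of the original notes: it reads a log file in the CloudTrail JSON layout and groups the recorded calls per user, role, or service. The field names (`userIdentity`, `eventSource`, `eventName`, `requestParameters`, `responseElements`) are CloudTrail's record fields, which the notes do not name; the sample records and the function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample in the layout of a CloudTrail log file: a JSON object
# with a "Records" array. Every value below is made up for illustration.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventSource": "ec2.amazonaws.com", "eventName": "StartInstances",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-EXAMPLE"}]}},
     "responseElements": {"instancesSet": {"items": [{"instanceId": "i-EXAMPLE"}]}}},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutBucketPolicy",
     "userIdentity": {"type": "AssumedRole", "sessionContext": {
         "sessionIssuer": {"type": "Role", "userName": "deploy-role"}}},
     "requestParameters": {"bucketName": "example-bucket"},
     "responseElements": None},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetBucketAcl",
     "userIdentity": {"type": "AWSService", "invokedBy": "config.amazonaws.com"},
     "requestParameters": {"bucketName": "example-bucket"},
     "responseElements": None},
]})

def principal(identity):
    """Return (kind, name) for the userIdentity element of one record."""
    kind = identity.get("type", "Unknown")
    if kind == "IAMUser":
        name = identity.get("userName")
    elif kind == "AssumedRole":
        issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
        name = issuer.get("userName")          # the role that was assumed
    elif kind == "AWSService":
        name = identity.get("invokedBy")       # the calling AWS service
    else:
        name = identity.get("arn") or identity.get("principalId")
    return kind, name or "unknown"

def summarize(log_text):
    """Map who -> list of (service, action, parameters, response elements)."""
    calls = defaultdict(list)
    for rec in json.loads(log_text).get("Records", []):
        who = principal(rec.get("userIdentity", {}))
        calls[who].append((rec.get("eventSource"), rec.get("eventName"),
                           rec.get("requestParameters"), rec.get("responseElements")))
    return dict(calls)

if __name__ == "__main__":
    for who, events in summarize(SAMPLE_LOG).items():
        print(who, [(service, action) for service, action, _, _ in events])
```

`responseElements` and `requestParameters` can be null in a record, so the example keeps them as `None` rather than assuming a dictionary.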