Service for logging API calls and events in AWS services
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including changes made to your AWS resources.
5 minutes
5 Questions
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. It records AWS API calls for your account and delivers log files to your Amazon S3 bucket. These recorded API calls can be from the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services.
CloudTrail provides visibility into user activity by recording actions taken on your account. For each action, you can see who performed it, when it was performed, from where it was requested, and what was done. This information helps with security analysis, resource change tracking, and compliance auditing.
Key features of CloudTrail include:
1. AWS account activity monitoring: Records API calls across all AWS regions.
2. Log file storage: Delivers log files to an S3 bucket you specify, with optional encryption.
3. Event history: Provides a viewable, searchable, downloadable, and immutable record of the past 90 days of management events.
4. Integration with other AWS services: Works with CloudWatch Logs for monitoring, SNS for notifications, and EventBridge for automating responses.
5. Organization trails: Can create a trail that logs all events for all AWS accounts in an AWS Organizations organization.
6. Data events: Can log data plane operations on resources, such as S3 object-level activity or Lambda function executions.
7. Management events: Records operations performed on resources in your AWS account.
8. Insights events: Helps identify unusual activity by analyzing API call volumes.
CloudTrail is essential for security best practices as it provides an audit trail for actions taken within your AWS environment, aiding in troubleshooting operational issues and meeting regulatory compliance requirements. It operates with negligible impact on performance and is a foundational service for any well-architected AWS solution.AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. It records AWS API calls for your account and delivers log files to your Amazon S3 bucket. These recorded API calls can be from the AWS Management Console, AWS SDKs, command…