CloudTrail

  • CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account.

  • Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail.

    • Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.

  • CloudTrail is enabled on your AWS account when you create the account.

  • You can use CloudTrail to view, search, download, archive, analyze, and respond to account activity across your AWS infrastructure.

  • You can identify who or what took which action, what resources were acted upon, when the event occurred, and other details to help you analyze and respond to activity in your AWS account.

  • Optionally, you can enable CloudTrail Insights on a trail to help you identify and respond to unusual activity.

  • A trail that applies to all regions

    • CloudTrail records events in every region and delivers the CloudTrail event log files to an S3 bucket that you specify.

  • A trail that applies to one region

    • CloudTrail records the events in that region only.
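
Added example (not part of the original notes): a Python reader for a CloudTrail log file that extracts who or what took which action, on which resources, when, and in which region. The sample records are constructed; the field names follow the CloudTrail record format, and `actor` and `summarize` are illustrative names chosen here.

```python
import json

# Constructed sample in the CloudTrail log-file layout (top-level "Records" array).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-15T10:05:40Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "eu-west-1",
     "sourceIPAddress": "198.51.100.7", "errorCode": "Client.UnauthorizedOperation",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/deploy/session1",
                      "sessionContext": {"sessionIssuer": {"userName": "deploy"}}}},
    {"eventTime": "2024-01-15T10:02:11Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeleteBucket", "awsRegion": "us-east-1",
     "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventTime": "2024-01-15T10:09:02Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt", "awsRegion": "us-east-1",
     "userIdentity": {"type": "AWSService", "invokedBy": "cloudtrail.amazonaws.com"},
     "resources": [{"ARN": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE"}]},
]})

def actor(identity):
    """Resolve 'who or what' from a record's userIdentity element."""
    kind = identity.get("type", "Unknown")
    if kind == "IAMUser":
        return "user:" + identity.get("userName", "?")
    if kind == "AssumedRole":
        # The role name is in sessionIssuer; the session name ends the STS ARN.
        issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
        session = identity.get("arn", "").rsplit("/", 1)[-1]
        return f"role:{issuer.get('userName', '?')}/{session}"
    if kind == "AWSService":
        return "service:" + identity.get("invokedBy", "?")
    return kind if kind == "Root" else f"{kind}:{identity.get('arn', '?')}"

def summarize(log_text):
    """Return who / what / when / where for each record, oldest first."""
    rows = [{
        "when": rec.get("eventTime", ""),  # ISO 8601 UTC, so string sort = time sort
        "who": actor(rec.get("userIdentity", {})),
        "action": rec.get("eventSource", "?").split(".")[0] + ":" + rec.get("eventName", "?"),
        "region": rec.get("awsRegion"),
        "source_ip": rec.get("sourceIPAddress"),
        "resources": [r.get("ARN") for r in rec.get("resources", [])],
        "error": rec.get("errorCode"),  # present when the call was denied or failed
    } for rec in json.loads(log_text).get("Records", [])]
    return sorted(rows, key=lambda r: r["when"])

if __name__ == "__main__":
    print(*summarize(SAMPLE_LOG), sep="\n")
```

Log files delivered to the S3 bucket are gzip-compressed, so decompress them before passing the text to `summarize`.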
