What Is AWS CloudTrail?

How does CloudTrail work?

CloudTrail is enabled on your AWS account automatically when the account is created. A CloudTrail event is recorded whenever an API call or console action takes place in the account. In the CloudTrail console, choose Event history to view these events; Event history shows the last 90 days of management events. To keep events for longer, or to log data events, create a trail that delivers the log files to an S3 bucket.

You can create two types of trails for an AWS account:

· A trail that applies to all regions

When you create a trail that applies to all regions, CloudTrail delivers the event log files from every region to the S3 bucket you specify. If AWS adds a region after you create the trail, the new region is included automatically and its events are logged. An all-regions trail is the default when you create a trail in the CloudTrail console, and it is the recommended configuration: an attacker who operates in a region you never use still leaves a record. An existing single-region trail can be changed to log all regions with the AWS CLI (aws cloudtrail update-trail --name your-trail --is-multi-region-trail). For more information, see Creating a trail in the console (basic event selectors).

· A trail that applies to one region

A trail that applies to a single region records only the events in that region and delivers the log files to the S3 bucket you specify. A single-region trail can only be created with the AWS CLI (aws cloudtrail create-trail without the --is-multi-region-trail option). If you create additional trails, you can have them deliver to the same S3 bucket or to separate buckets. Trails can be created, updated, and managed with the AWS CLI and the CloudTrail API; for more information, see Creating, updating, and managing trails with AWS CLI and CloudTrail API.
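As an added example (this is not code from the original post), the following Python builds the S3 bucket policy an all-regions trail needs, creates the trail with log file validation enabled, and audits an existing trail description for the settings that matter. The account ID, region, bucket and trail names are placeholders; boto3 and configured credentials are assumed only for create_all_regions_trail, which runs when the file is executed directly.

```python
"""Create an all-regions CloudTrail trail and audit existing trails.

Added example, not from the original post. Account ID, region, bucket and
trail names are placeholders; boto3 + credentials are needed only when the
file is run as a script.
"""
import json

ACCOUNT_ID = "123456789012"          # placeholder
HOME_REGION = "us-east-1"            # placeholder: region the trail is created in
BUCKET = "example-cloudtrail-logs"   # placeholder: bucket must already exist
TRAIL = "all-regions-trail"          # placeholder


def trail_arn(account_id, region, name):
    """ARN of a trail, known before the trail exists (it is deterministic)."""
    return f"arn:aws:cloudtrail:{region}:{account_id}:trail/{name}"


def bucket_policy(bucket, account_id, region, name):
    """S3 bucket policy that lets CloudTrail write, but only for this one trail.

    The aws:SourceArn condition stops a trail in another account from being
    pointed at this bucket (confused deputy); the ACL condition keeps the bucket
    owner in control of the delivered objects.
    """
    arn = trail_arn(account_id, region, name)
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "AWSCloudTrailAclCheck",
                "Effect": "Allow",
                "Principal": {"Service": "cloudtrail.amazonaws.com"},
                "Action": "s3:GetBucketAcl",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringEquals": {"aws:SourceArn": arn}},
            },
            {
                "Sid": "AWSCloudTrailWrite",
                "Effect": "Allow",
                "Principal": {"Service": "cloudtrail.amazonaws.com"},
                "Action": "s3:PutObject",
                "Resource": f"arn:aws:s3:::{bucket}/AWSLogs/{account_id}/*",
                "Condition": {
                    "StringEquals": {
                        "s3:x-amz-acl": "bucket-owner-full-control",
                        "aws:SourceArn": arn,
                    }
                },
            },
        ],
    }


def audit_trail(trail):
    """Return the problems found in one entry of describe_trails()['trailList']."""
    problems = []
    if not trail.get("IsMultiRegionTrail"):
        problems.append("single-region trail: activity in other regions is not logged")
    if not trail.get("IncludeGlobalServiceEvents"):
        problems.append("global service events (IAM, STS, CloudFront) are not logged")
    if not trail.get("LogFileValidationEnabled"):
        problems.append("log file validation disabled: tampering with delivered logs is undetectable")
    if not trail.get("KmsKeyId"):
        problems.append("log files are not encrypted with a customer managed KMS key")
    return problems


def create_all_regions_trail(session):
    """Apply the bucket policy, create the trail, start logging, return its description."""
    s3 = session.client("s3")
    ct = session.client("cloudtrail", region_name=HOME_REGION)
    policy = bucket_policy(BUCKET, ACCOUNT_ID, HOME_REGION, TRAIL)
    s3.put_bucket_policy(Bucket=BUCKET, Policy=json.dumps(policy))
    ct.create_trail(Name=TRAIL, S3BucketName=BUCKET, IsMultiRegionTrail=True,
                    IncludeGlobalServiceEvents=True, EnableLogFileValidation=True)
    ct.start_logging(Name=TRAIL)   # create_trail alone does not start delivery
    return ct.describe_trails(trailNameList=[TRAIL])["trailList"][0]


if __name__ == "__main__":
    import boto3   # only needed for the live path
    description = create_all_regions_trail(boto3.Session())
    print(audit_trail(description) or "trail OK")
```

audit_trail can be pointed at every entry describe_trails returns to find trails that were later narrowed or had validation switched off; the KMS check is a policy choice rather than a CloudTrail requirement, since S3 managed encryption is applied by default.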

Difference between CloudWatch and CloudTrail:

CloudWatch monitors the health and performance of AWS services and resources; CloudTrail records who made which API call, from where, and when.

AWS CloudWatch:

AWS CloudWatch is a monitoring service for AWS cloud resources and applications. Amazon CloudWatch helps you collect and track metrics, collect and monitor log files, set alarms, and react automatically to changes in your AWS resources.


AWS CloudTrail:

CloudTrail is an AWS service for governance, compliance, operational auditing, and risk auditing. CloudTrail enables you to log, continuously monitor, and retain account activity across your AWS infrastructure. It provides an event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.
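As an added example (not part of the original post), the following Python scans CloudTrail records for the two things an audit log of this kind is most useful for catching: calls that switch the trail itself off or narrow it, and mutating calls in regions the account is not expected to use, which is exactly what an all-regions trail exists to capture. The four records are constructed for the example in CloudTrail's delivered-log layout; the allowed-region set, user names and IP addresses are assumptions.

```python
"""Scan CloudTrail records for trail tampering and activity in unexpected regions.

Added example, not from the original post. The records are constructed;
field names are CloudTrail's, values are made up.
"""
import json

# Calls against the CloudTrail API that disable or narrow the audit trail itself.
TAMPERING_EVENTS = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}

# Regions this account is expected to operate in (assumption for the example).
ALLOWED_REGIONS = {"us-east-1", "eu-west-1"}

# Constructed sample in the layout of a delivered log file: a JSON object whose
# "Records" array holds one event per entry.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2023-05-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "awsRegion": "us-east-1", "readOnly": True,
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventTime": "2023-05-01T10:05:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "awsRegion": "us-east-1", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "mallory"},
     "sourceIPAddress": "198.51.100.7",
     "requestParameters": {"name": "all-regions-trail"}},
    {"eventTime": "2023-05-01T10:06:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-southeast-2", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "mallory"},
     "sourceIPAddress": "198.51.100.7"},
    {"eventTime": "2023-05-01T10:07:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeRegions", "awsRegion": "ap-southeast-2", "readOnly": True,
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/Audit/bob"},
     "sourceIPAddress": "203.0.113.10"},
]})


def load_records(log_text):
    """Parse one delivered CloudTrail log file (JSON with a Records array)."""
    return json.loads(log_text)["Records"]


def actor(record):
    """Best available name for who made the call."""
    ident = record.get("userIdentity", {})
    return ident.get("arn") or ident.get("userName") or ident.get("type", "unknown")


def find_alerts(records, allowed_regions=ALLOWED_REGIONS):
    """Return (rule, eventName, actor, region, sourceIP) tuples for suspicious records."""
    alerts = []
    for rec in records:
        name, region, ip = rec.get("eventName"), rec.get("awsRegion"), rec.get("sourceIPAddress")
        if rec.get("eventSource") == "cloudtrail.amazonaws.com" and name in TAMPERING_EVENTS:
            alerts.append(("trail-tampering", name, actor(rec), region, ip))
        # Mutating calls in a region nobody should be using: typical of a stolen
        # key being used to create resources where no one is looking.
        if region not in allowed_regions and not rec.get("readOnly", False):
            alerts.append(("unexpected-region", name, actor(rec), region, ip))
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(load_records(SAMPLE_LOG)):
        print(*alert)
```

Read-only calls outside the allowed regions (the DescribeRegions record) are deliberately not alerted on here, so that routine inventory tooling does not drown the signal; tighten that rule if your account genuinely never touches other regions.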


Security in AWS CloudTrail

AWS prioritizes cloud security, and customers benefit from a data center and network architecture built to meet the needs of the most security-sensitive organizations. CloudTrail itself adds several controls for protecting the audit record: log files delivered to S3 are encrypted at rest (with Amazon S3 managed keys by default, or with a KMS key you choose), log file integrity validation lets you prove that a delivered log file was not modified or deleted after CloudTrail delivered it, and IAM policies control who can create, change, stop, or delete a trail.


