From the course: Complete Guide to AWS Security and Compliance Management

Understanding CloudTrail

- [Instructor] CloudTrail is a service within AWS that provides comprehensive API logging capabilities. Let's explore what CloudTrail is, what it can do for you, and how to get it configured. CloudTrail keeps track of changes in an AWS account. This is an indispensable service when considering compliance obligations. It is enabled by default when a new AWS account is created. Included for free are 90 days' worth of activity. This activity can be examined in the AWS web console. Ultimately, CloudTrail activity resides in an S3 bucket. If you have multiple accounts, you can configure it such that all trails are delivered to the same bucket. CloudTrail has different categories in terms of the types of events that it logs. One type is management events, which record changes made along the AWS control plane. Example management events include setting up MFA, creating IAM users and creating EC2 instances. Data events record information along the AWS data plane. In plain English, data events…
