With AWS CloudTrail you have the ability to capture all AWS API calls made by users and/or services to help secure your Cloud infrastructure. Watch this short video to learn more on CloudTrail. In the full course you’ll get a full explanation of the service and what the AWS CloudTrail components and services are.
The full course dives into permissions required to run and implement AWS CloudTrail, covering roles and policies, along with an overview of S3 Bucket permissions required for log storage.
Within the course, there are also demonstrations to show you first hand how to configure Trails and set up various controls and permissions giving you clear guidance on what to do.
You’ll cover CloudTrail Logs to show you exactly how APIs are recorded and how this sensitive information can be encrypted using KMS and shared between multiple AWS Accounts.
The course then continues on CloudTrail relationship with AWS CloudWatch and how the two services can be used together to create a monitoring solution based on API requests. When used in conjunction with SNS, this becomes a powerful monitoring solution.
If you’re interested in learning more about AWS security and understanding risk, compliance and cloud governance within AWS, we recommend the Cloud Academy’s AWS Governance and Compliance Learning Path