CloudAcademy
  1. Home
  2. Content Library
  3. Amazon Web Services
  4. Courses
  5. AWS CloudTrail: An Introduction

AWS CloudTrail: An Introduction

Contents

keyboard_tab
Introduction
lock
AWS CloudTrail: An Introduction3m 53s
About AWS CloudTrail
lock
What is AWS CloudTrail?5m 23s
lock
How does AWS CloudTrail work?6m 18s
AWS CloudTrail Configuration
lock
Understanding AWS CloudTrail Permissions6m 45s
lock
Understanding Trails13m 9s
lock
Insight into AWS CloudTrail Logs17m 38s
Monitoring
lock
Monitoring with AWS CloudTrail12m 30s
Summary
lock
Summary3m 15s
play-arrow
Start course
Overview
Transcript
DifficultyIntermediate
Duration1h 8m 51s
Students760

Description

Any information that helps to secure your Cloud infrastructure is of significant use to security engineers and architects, with AWS CloudTrail you have the ability to capture all AWS API calls made by users and/or services.

Whenever an API request is made within your environment AWS CloudTrail can track that request with a host of metadata and record it in a Log which is then sent to AWS S3 for storage allowing your to view historical data of your API calls.

Having this information has a number of uses from a security and day to day operational perspective, but it also allows for additional compliance and when it comes to specific security governance controls. Having an audited trail of requests which can be tracked backed to a user or service, and even the IP address used helps to maintain your required compliance levels.

This course provides a full explanation of the service, looking at what it does, how it does it and with what components and services. It breaks down each of the configurable components allowing you to see exactly how it works and to what degree it can be configured.

It dives into permissions required to run and implement CloudTrail, covering roles and policies, along with an overview of S3 Bucket permissions required for log storage. There are also a number of demonstrations within the course showing first hand how to configure Trails and set up various controls and permissions giving you clear guidance on what to do.

CloudTrail Logs are examined to show you exactly how APIs are recorded and how this sensitive information can be encrypted using KMS and also shared between AWS Accounts.

A key aspect of CloudTrail is its relationship with AWS CloudWatch, where the two services can be used together to create a monitoring solution based on API requests, allowing custom metrics and thresholds to be created. When used in conjunction with SNS, this becomes a powerful monitoring solution.

If you have thoughts or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

About the Author

Students31599
Labs1
Courses33
Learning paths12

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to more recently cloud architecture and implementation.

He is a Certified Data Centre Design Professional (CDCDP), with his latest achievements gained within the Amazon Web Services (AWS) field.

He currently holds the AWS Certified Solutions Architect - Associate certification as well as accreditations as an AWS Business and Technology Professional and in TCO and Cloud Economics.

In January 2016 Stuart was awarded 'Expert of the Year Award 2015' from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.

Covered topics

ManagementSecurityMonitoringAWSSecurity for AWSMonitoring for AWSManagement for AWSAWS CloudTrail