AWS CloudTrail is an account management tool that records user activity and API usage in AWS services. CloudTrail stores various types of events as logs in an Amazon S3 bucket, and provides various services that allow you to track, aggregate, and analyze the data.
In this lab, you will explore the offerings of the AWS CloudTrail service. You will review and track activity with CloudTrail by observing the event history dashboard and creating a trail. You will also aggregate specific data events into an event data store to form a CloudTrail lake.
Learning objectives
Upon completion of this intermediate-level lab, you will be able to:
- Access CloudTrail Event history to look up and filter management events
- Create a CloudTrail Trail to log S3 data events
- Apply advanced event selectors to scope event criteria
- Aggregate CloudTrail events into an Event Data Store
- Form and query a CloudTrail Lake
Intended audience
- Candidates for the AWS Certified Security - Specialty certification
- Cloud Architects
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- AWS CloudTrail
The following content can be used to fulfill the prerequisites:
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.