Amazon Web Services
Demonstrate the working of AWS Cloudtrail

Welcome to Chronicles, let's explore AWS Cloudtrail

Description:

AWS CloudTrail is a AWS service that helps you enable operational and risk auditing, governance, and compliance of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.

CloudTrail is enabled on your AWS account when you create it. When activity occurs in your AWS account, that activity is recorded in a CloudTrail event. You can easily view recent events in the CloudTrail console by going to Event history. For an ongoing record of activity and events in your AWS account, create an event data store or create a trail. For more information about CloudTrail pricing, see AWS CloudTrail Pricing.

Fig. 10.1: AWS Cloud Trail Dashboard

Working:

  1. Log in to your AWS Management Console and navigate to the CloudTrail service.

  2. Click on the "Create trail" button to create a new CloudTrail trail.

  3. Choose a name for your trail and select the region where you want to store your CloudTrail logs.

Fig.10.2: Choosing the trail attributes

  1. Decide which events you want to log. You can log all events or select specific ones based on the services and resources you want to track.

  2. Choose a storage location for your logs. You can store them in an S3 bucket, a CloudWatch Logs group, or both.

Fig.10.3: Creation of the cloud trail

  1. Choose any additional options you want to enable, such as log file validation or cloud watch event delivery.

  2. Review your settings and click "Create trail" to create your CloudTrail trail.

  3. Once your trail is created, you can view and manage it from the CloudTrail dashboard. You can also configure CloudWatch alarms to notify you when certain events occur or when your log storage reaches a certain capacity.

  4. To test your CloudTrail configuration, perform some actions in your AWS account that will generate CloudTrail logs, such as creating a new EC2 instance or modifying a security group.

  5. Navigate to your S3 bucket or CloudWatch Logs group to view your CloudTrail logs. You should see a log file for each event that was generated in your account.

Fig.10.4: Viewing various logs of the AWS account using cloud trail service

Congratulations!! You have successfully explored the features of AWS Cloudtrail.

Demonstrate the working of AWS CloudwatchTerminal_commands