Posted On: Mar 12, 2015
We are excited to announce support for looking up API activity in CloudTrail. Using the CloudTrail console, AWS SDKs, or AWS CLI, you can look up API activity related to creating, deleting, and updating AWS resources in your account. You can use this feature to troubleshoot operational issues or security incidents and take immediate actions such as following up with the user or open a trouble ticket to do deeper analysis.
This feature is available immediately in the following regions: US East (Northern Virginia), US West (Oregon), US West (Northern California), Europe (Ireland), Asia Pacific (Sydney), Asia Pacific (Singapore), Europe (Germany), Asia Pacific (Tokyo), and South America (Brazil). You can look up API activity that was made to create, delete, or update AWS resources in your AWS account. You can look up API activity that was captured for your account in the last 7 days for 28 AWS services including Amazon EC2, Amazon RDS, Amazon EEBS, Amazon VPC, and AWS Identity and Access Management (IAM). For a list of supported services, refer the CloudTrail documentation.
If you have already turned on CloudTrail for your account, you do not need to take any other action. Simply go to the CloudTrail console, and the API activity related to creating, deleting, and updating AWS resources will be automatically available to you. If you haven’t turned on CloudTrail for your AWS account, turn it on now from the CloudTrail console. Once you login to the CloudTrail console, you will see the API activity history arranged in reverse chronological order with the most recent events listed at the top. You can filter the API activity to troubleshoot operational issues or security incidents. The five filters supported are: Time range, Event name, User name, Resource type, and Resource name. You can drill down into each event and review it in detail or navigate to a specific AWS service console and view additional details about a resource referenced in the event.
There are no additional charges for looking up API activity. For more information about this feature, go to CloudTrail documentation.