Posted On: Jan 30, 2024

AWS AppConfig now supports AWS CloudTrail data event logging for the StartConfigurationSession and GetLatestConfiguration APIs. When customers opt in to these data events, AWS AppConfig logs details about every data plane request to AWS CloudTrail. These logs include information such as what IAM identity made the request, when the request was made, what AWS AppConfig resources were associated with the request, and whether the request was made by the AWS AppConfig Agent.

Customers can use this feature to provide enhanced visibility into their AWS AppConfig data plane utilization, thereby improving their product’s governance, compliance, security, and operational posture. In addition to standard AWS CloudTrail logging, customers can also send recorded events to AWS CloudWatch in order to proactively alarm when their AWS account is approaching AWS AppConfig data plane limits.

AWS AppConfig support for logging AWS CloudTrail data events is available in all commercial Regions and the AWS GovCloud (US) Regions.

To learn more about this feature, see Logging AWS AppConfig data events using AWS CloudTrail. To learn more about AWS AppConfig, see Getting started on AWS AppConfig.