Author: Isaiah Salinas

AWS CloudTrail records API calls and events for your AWS account, providing audit trails for governance, compliance, and operational troubleshooting. Customers can also enable data events in CloudTrail to gain deeper visibility into resource-level operations. These include Amazon S3 object-level operations (such as GetObject/PutObject) or AWS Lambda function invocations. Data events help detect unauthorized access, […]

AWS customers use AWS CloudTrail Lake to aggregate and analyze their AWS activity for security, operational troubleshooting, and compliance purposes. However, when investigating security incidents or conducting compliance audits, customers often need additional business context beyond the basic event details – like which team or project owns the affected resources, or what where the properties […]

Customers in highly regulated industries, such as Financial Services or Healthcare and Life Sciences, often need to audit every action made in environments with sensitive data. Regulations like HIPAA or FFIEC, and industry frameworks like the PCI DSS, require granular log entries that record user and administrative actions within an environment containing sensitive data, and […]

In 2022, we launched AWS CloudTrail Lake, an immutable managed data lake designed to simplify audit, security, and compliance investigations by capturing, storing, and analyze AWS user and API activities. By providing immutable storage for your activity logs, CloudTrail Lake protects the integrity of your audit data by providing read-only access. CloudTrail Lake integrates seamlessly […]

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to detect these changes and then captures them as configuration items. The configuration recorder is created and started in each Region where you set up AWS Config. By default, the configuration recorder records […]

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account.  AWS Config uses the configuration recorder to create a configuration item whenever it detects a change to a resource type that it is recording. For example, if AWS Config is recording Amazon S3 buckets, AWS Config creates a configuration […]

Organizations managing cloud infrastructure in AWS need effective mechanisms to audit operations in their AWS accounts for security and compliance. Early this year we announced the availability of AWS CloudTrail Lake a managed data lake that lets organizations aggregate, immutably store, and query events recorded by CloudTrail for auditing, security investigation, and operational troubleshooting. CloudTrail […]

AWS Config lets you evaluate your AWS resources with a desired configuration state using AWS Config Rules. In AWS Config, you can define two types of rules, managed rules and custom rules. Managed rules are AWS provided rules that will evaluate your resources with a predefined configuration state that address some of the most common […]

Earlier this year we published a blog, Visualizing AWS Config data using Amazon Athena and Amazon QuickSight. It outlines the steps for setting up AWS Config with Amazon Athena and Amazon QuickSight. We received great feedback from that post. To further help our customers adopt these tools we are happy to announce the availability of […]

In this guest post, Henrik André Olsen, Solutions Architect, discusses how he visualized AWS Config data in Amazon QuickSight dashboards with a high value for the Danish insurance company Topdanmark.  If you are an AWS Config user, you are probably already familiar with how to use the AWS Config console to access data, but it’s […]