AWS Cloud Operations Blog
Category: AWS CloudTrail
Ingesting administrative logs from Microsoft Azure to AWS CloudTrail Lake
In January 2023, AWS announced the support of ingestion for activity events from non-AWS sources using CloudTrail Lake. Making CloudTrail Lake a single location of immutable user and API activity events for auditing and security investigations. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on […]
Leveraging AWS CloudTrail Insights for Proactive API Monitoring and Cost Optimization
AWS CloudTrail Insights is a powerful feature within AWS CloudTrail that helps organizations identify and respond to unusual operational activity in their AWS accounts. This includes identifying spikes in resource provisioning, bursts of IAM actions, or gaps in periodic maintenance activity. CloudTrail Insights continuously analyzes CloudTrail management events from trails and event data stores, establishing […]
Using AWS CloudTrail data events to audit your Amazon SNS and Amazon SQS workloads
Customers in highly regulated industries, such as Financial Services or Healthcare and Life Sciences, often need to audit every action made in environments with sensitive data. Regulations like HIPAA or FFIEC, and industry frameworks like the PCI DSS, require granular log entries that record user and administrative actions within an environment containing sensitive data, and […]
Ten Ways to Improve Your AWS Operations
Introduction When I take my car in for service for a simple oil change, the technician often reads off a litany of other services my car needs that I had put off since the previous service (and maybe the service before that, too). I tend to wait for the “check engine” light to come on […]
Auditing generative AI workloads with AWS CloudTrail
With the emergence of generative AI being incorporated into every aspect of how we utilize technology, a common question that customers are asking is how to properly audit generative AI services on AWS, such as Amazon Bedrock, Amazon Sagemaker, Amazon Q Developer, and Amazon Q Business. In this post, we will demonstrate common scenarios that […]
Identify AWS resources at risk across your multi-account environment with AWS Organizations integrations
With numerous AWS accounts in an organization, receiving an external security finding like a vulnerability assessment or pen test report impacting multiple resources can be challenging. Without a centralized resource viewing and search capability, identifying the affected resources require switching and inspecting each account individually, which is time-consuming and inefficient. Security vulnerabilities are time-sensitive, and […]
How to automate application log ingestion from Amazon EKS on Fargate into AWS CloudTrail Lake
Customers often look for options to capture and centralized storage of application logs from Amazon Elastic Kubernetes Service on Fargate (Amazon EKS on Fargate) Pods to investigate root causes or analyze security incidents. Customers also like the capability to easily query the logs to assist with security investigations. In this blog post, we show you […]
Gain Insights with Natural Language Query into your AWS environment using Amazon CloudTrail and Amazon Q in QuickSight
AWS CloudTrail tracks user and API activities across your AWS environments for governance and auditing purposes. Large enterprises typically use multiple AWS accounts, and many of those accounts might need access to a data lake managed by a single AWS account. By using Lake Formation integration with CloudTrail Lake, you can securely aggregate the data […]
Securely share AWS CloudTrail Lake logs across accounts without replicating data
In 2022, we launched AWS CloudTrail Lake, an immutable managed data lake designed to simplify audit, security, and compliance investigations by capturing, storing, and analyze AWS user and API activities. By providing immutable storage for your activity logs, CloudTrail Lake protects the integrity of your audit data by providing read-only access. CloudTrail Lake integrates seamlessly […]
Tag your AWS Resources consistently with AWS Resource Explorer and AWS CloudTrail
It is often challenging to consistently apply resource tags that deliver organizational benefits such as accurate cost allocation and granular access controls. Organizations often face issues with cleaning up resources in lower environments created by developers during early stages of development and testing. Without proper tagging, it can be difficult to identify experimental resources created […]