AWS Management & Governance Blog
Category: AWS CloudTrail
How to Detect and Mitigate Guardrail Violation with AWS Control Tower
Many companies that I work with would like to innovate fast in the cloud by adopting a self-service infrastructure provisioning model in a multi-account environment. However, maintaining security and governance in such a model is an organizational challenge. Without structured guardrails and baseline configuration enforcement, troubleshooting and mitigating risk can be cumbersome. AWS Control Tower […]
How to Create an AWS Cross-Account Support Case Dashboard
At AWS, our customer obsession drives us to leave no stone unturned in helping our customers achieve success. Therefore, when a customer finds an interesting way to create valuable functionality using a combination of AWS services, we want to let our other customers know about it so they can also reap the benefits. A great […]
Replacing SSH access to reduce management and security overhead with AWS Systems Manager
Cesar Soares, DevOps and cloud infrastructure manager, VR Beneficios
In many corporate enterprises, interactive shell access to cloud or datacenter environments is a necessity. It must be supported in a secure, auditable manner, often programmatic or via scripting, and with strong access controls. As discussed in a previous post by Jeff Barr, AWS Systems Manager […]
Maximizing features and functionality in AWS CloudTrail
Thanks to the following AWS CloudTrail experts for their work on this post: Avneesh Singh, Senior Product Manager, AWS CloudTrail; Jeff McRae, Software Development Manager, AWS CloudTrail; Keith Robertson, Software Development Manager, AWS CloudTrail; Susan Ferrell, Senior Technical Writer, AWS.
Are you taking advantage of all the features and functionality that AWS CloudTrail offers? Here […]
Managing AWS resources across multiple accounts and Regions using AWS Systems Manager Automation
AWS Systems Manager Automation simplifies common administrative and maintenance tasks of AWS resources. Using Systems Manager Automation, you can execute predefined tasks/workflows in the form of AWS Systems Manager documents (SSM documents) that you can write yourself or use community-published documents. An SSM document defines the actions that Systems Manager performs on your AWS […]
Automating the discovery of unused AWS Lambda functions
In 2017 Kyle Somers explained how you can gain visibility into the execution of your AWS Lambda functions in his blog post announcing AWS CloudTrail data events for AWS Lambda. In my blog post, I’ll expand upon Kyle’s post to show you how you can combine CloudTrail data events for AWS Lambda with the power […]
Gain Visibility into the Execution of Your AWS Lambda functions with AWS CloudTrail
Today, we are happy to announce that AWS CloudTrail now supports the Lambda Invoke API as a new data event type with the launch of CloudTrail Lambda data events. Previously, AWS CloudTrail supported management events for AWS Lambda, which allowed you to capture when and by whom a function was created, modified, or deleted. With […]
Monitor Changes and Auto-Enable Logging in AWS CloudTrail
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Hence, it’s crucial to monitor any changes to CloudTrail and make sure that logging is always enabled. With CloudTrail, you can log, continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides […]
Streamline AWS CloudTrail Logs Using Event Filters
In November 2016, AWS CloudTrail announced a new feature that provides the ability to filter events that are collected within a CloudTrail trail. This simple feature helps AWS customers save time and money by creating trails that contain a subset of overall API operations and account activity. In this post, I show you how to […]
Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena
A few days ago, the AWS Big Data Blog published a new blog post: “Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena.” In this blog post, AWS Professional Services Consultant Sai Sriparasa shows how to set up and use the recently released Amazon Athena CloudTrail SerDe to query AWS CloudTrail […]