AWS Management & Governance Blog

Category: AWS CloudTrail

How to Detect and Mitigate Guardrail Violation with AWS Control Tower

Many companies that I work with would like to innovate fast in the cloud by adopting a self-service infrastructure provisioning model in a multi-account environment. However, maintaining security and governance in such a model is an organizational challenge. Without structured guardrails and baseline configuration enforcement, troubleshooting and mitigating risk can be cumbersome. AWS Control Tower […]

Read More

How to Create an AWS Cross-Account Support Case Dashboard

At AWS, our customer obsession drives us to leave no stone unturned in helping our customers achieve success. Therefore, when a customer finds an interesting way to create valuable functionality using a combination of AWS services, we want to let our other customers know about it so they can also reap the benefits. A great […]

Read More

Replacing SSH access to reduce management and security overhead with AWS Systems Manager

Cesar Soares, DevOps and cloud infrastructure manager, VR Beneficios In many corporate enterprises, interactive shell access to cloud or datacenter environments is a necessity. It must be supported in a secure, auditable manner, often programmatic or via scripting, and with strong access controls. As discussed in a previous post by Jeff Barr, AWS Systems Manager […]

Read More
AWS CloudTrail brand image

Maximizing features and functionality in AWS CloudTrail

Thanks to the following AWS CloudTrail experts for their work on this post: Avneesh Singh, Senior Product Manager, AWS CloudTrail Jeff McRae, Software Development Manager, AWS CloudTrail Keith Robertson, Software Development Manager, AWS CloudTrail Susan Ferrell, Senior Technical Writer, AWS Are you taking advantage of all the features and functionality that AWS CloudTrail offers? Here […]

Read More

Managing AWS resources across multiple accounts and Regions using AWS Systems Manager Automation

AWS Systems Manager Automation simplifies common administrative and maintenance tasks of AWS resources. Using Systems Manager Automation, you can execute predefined tasks/workflows in the form of AWS Systems Manager documents (SSM documents) that you can write yourself or use community published documents. A SSM document defines the actions that Systems Manager performs on your AWS […]

Read More

Automating the discovery of unused AWS Lambda functions

In 2017 Kyle Somers explained how you can gain visibility into the execution of your AWS Lambda functions in his blog post announcing AWS CloudTrail data events for AWS Lambda. In my blog post, I’ll expand upon Kyle’s post to show you how you can combine CloudTrail data events for AWS Lambda with the power […]

Read More

Gain Visibility into the Execution of Your AWS Lambda functions with AWS CloudTrail

Today, we are happy to announce that AWS CloudTrail now supports the Lambda Invoke API as a new data event type with the launch of CloudTrail Lambda data events. Previously, AWS CloudTrail supported management events for AWS Lambda, which allowed you to capture when and by whom a function was created, modified, or deleted. With […]

Read More

Monitor Changes and Auto-Enable Logging in AWS CloudTrail

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Hence, it’s crucial to monitor any changes to CloudTrail and make sure that logging is always enabled. With CloudTrail, you can log, continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides […]

Read More

Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena

  A few days ago, The AWS Big Data Blog published a new blog post: “Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena.” In this blog post, AWS Professional Services Consultant Sai Sriparasa shows how to set up and use the recently released Amazon Athena CloudTrail SerDe to query AWS CloudTrail […]

Read More