AWS Security Blog
Tag: CloudTrail
Important changes to CloudTrail events for AWS IAM Identity Center
AWS IAM Identity Center is streamlining its AWS CloudTrail events by including only essential fields that are necessary for workflows like audit and incident response. This change simplifies user identification in CloudTrail, addressing customer feedback. It also enhances correlation between IAM Identity Center users and external directory services, such as Okta Universal Directory or Microsoft […]
AWS Directory Service Now Supports API Access and Logging Via AWS CloudTrail
Developers can now programmatically create and configure Simple AD and AD Connector directories in AWS Directory Service via the AWS SDKs or CLI. You can also now use Cloud Trail to log API actions performed via an SDK, the CLI, or AWS Directory Service console. Permissions for performing these actions can be controlled via an AWS […]
Sharing AWS CloudTrail Log Files Between Accounts
If you use AWS CloudTrail to log API calls in your account, you can share your log files with other AWS accounts, whether you own those accounts or not. In this post, Greg Pettibone, a technical writer on the CloudTrail team, walks through some cross-account scenarios to show you how. AWS CloudTrail captures information about […]
AWS CloudTrail Now Logs AWS Management Console Sign-In Events
We’ve heard from many of you that you want greater visibility into when users sign in to the AWS Management Console. We are excited to announce that AWS CloudTrail now captures console sign-in events whenever an account owner, a federated user, or an IAM user signs into the console. For those of you who aren’t […]
New Whitepaper: Security at Scale: Logging in AWS
The newly released Security at Scale: Logging in AWS whitepaper is designed to illustrate how AWS CloudTrail can help you meet compliance and security requirements through the logging of API calls. The API call history can be used to track changes to resources, perform security analysis, operational troubleshooting and as an aid in meeting compliance […]
Tracking Federated User Access to Amazon S3 and Best Practices for Protecting Log Data
Auditing by using logs is an important capability of any cloud platform. There are several third party solution providers that provide auditing and analysis using AWS logs. Last November AWS announced its own logging and analysis service, called AWS CloudTrail. While logging is important, understanding how to interpret logs and alerts is crucial. In this blog […]