AWS Security Blog

Tag: CloudTrail

AWS Directory Service Now Supports API Access and Logging Via AWS CloudTrail

Developers can now programmatically create and configure Simple AD and AD Connector directories in AWS Directory Service via the AWS SDKs or CLI. You can also now use Cloud Trail to log API actions performed via an SDK, the CLI, or AWS Directory Service console. Permissions for performing these actions can be controlled via an AWS […]

Sharing AWS CloudTrail Log Files Between Accounts

If you use AWS CloudTrail to log API calls in your account, you can share your log files with other AWS accounts, whether you own those accounts or not. In this post, Greg Pettibone, a technical writer on the CloudTrail team, walks through some cross-account scenarios to show you how. AWS CloudTrail captures information about […]

New Whitepaper: Security at Scale: Logging in AWS

The newly released Security at Scale: Logging in AWS whitepaper is designed to illustrate how AWS CloudTrail can help you meet compliance and security requirements through the logging of API calls. The API call history can be used to track changes to resources, perform security analysis, operational troubleshooting and as an aid in meeting compliance […]

Tracking Federated User Access to Amazon S3 and Best Practices for Protecting Log Data

Auditing by using logs is an important capability of any cloud platform.  There are several third party solution providers that provide auditing and analysis using AWS logs.  Last November AWS announced its own logging and analysis service, called AWS CloudTrail.  While logging is important, understanding how to interpret logs and alerts is crucial.  In this blog […]