Real-Time Insights on AWS Account Activity

Monitoring Amazon Web Services (AWS) account activity can provide valuable insight into who is accessing your resources and how your resources are being used. This insight can help you make better-informed decisions that increase security and efficiency, facilitate compliance auditing, and optimize costs. To help you more easily monitor account activity, AWS offers the

The Real-Time Insights on AWS Account Activity guidance automatically provisions and configures the services necessary to record and visualize resource access and usage metrics for your AWS account(s) in real-time. This guidance is designed to provide a framework for visualizing access and usage metrics, allowing you to focus on adding new metrics rather than underlying infrastructure operations.

Overview

The diagram below presents the architecture you can build using the example code on GitHub.

Real-Time Insights on AWS Account Activity | Architecture Diagram
Real-Time Insights on AWS Account Activity | Architecture Diagram
Close
 Click to enlarge

Real-Time Insights on AWS Account Activity solution architecture

AWS CloudTrail logs actions taken in your AWS account, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services.

When an action is taken, an Amazon CloudWatch event trigger sends data to a Kinesis Data Firehose delivery stream. The delivery stream archives the events in an Amazon S3 bucket and sends the data to a Kinesis Data Analytics application for processing.

Once the data is processed, it is sent to Kinesis Data Streams. An AWS Lambda function reads data from the stream and sends the data in real-time to an Amazon DynamoDB table to be stored.

The solution also creates an Amazon Cognito user pool, an Amazon S3 bucket, an Amazon CloudFront distribution, and real-time dashboard to securely read and display the account activity stored in the DynamoDB table.

Read more 
Show less

Real-Time Insights on AWS Account Activity

Version 1.1.2
Last updated: 05/2021
Author: AWS

Example code on GitHub

Additional resources

Resources and FAQ »
Contact us »

Did this Guidance help you?
Yes
No
Provide feedback 

Features

Real-Time Insights on AWS Account Activity reference implementation

Leverage the Real-Time Insights on AWS Account Activity out of-the-box, or as a reference implementation for building your own account monitoring solution.

Real-time dashboard

The solution features a dashboard that visualizes your account activity metrics in real-time. Metrics are calculated for create, modify, and delete API calls for more than 60 supported AWS services.
Build icon
Deploy a Solution yourself

Browse our library of AWS Solutions Implementations to get answers to common architectural problems.

Learn more 
Find an APN partner
Find an APN Partner

Find AWS certified consulting and technology partners to help you get started.

Learn more 
Explore icon
Explore Solutions Consulting Offers

Browse our portfolio of Consulting Offers to get AWS-vetted help with solution deployment.

Learn more