AWS CloudTrail: An Introduction

Difficulty: Intermediate
Duration: 3 minutes and 53 seconds
Students: 8,057
Rating: 4.8/5

Please note that this content is outdated has been replaced with the following two courses:

 

 

Any information that helps to secure your Cloud infrastructure is of significant use to security engineers and architects. With AWS CloudTrail, you have the ability to capture all AWS API calls made by users and/or services.

Whenever an API request is made within your environment AWS CloudTrail can track that request with a host of metadata and record it in a Log which is then sent to AWS S3 for storage allowing your to view historical data of your API calls.

Having this information has a number of uses from both a security and a day-to-day operational perspective, but it also allows for additional compliance. Having an audited trail of requests which can be tracked back to a user or service, and even the IP address used, helps to maintain your required compliance levels.

This course provides a full explanation of the CloudTrail service, looking at what it does, how it does it, and what components and services it uses. It breaks down each of the configurable components allowing you to see exactly how it works and to what degree it can be configured.

It dives into permissions required to run and implement CloudTrail, covering roles and policies, along with an overview of S3 Bucket permissions required for log storage. There are also a number of demonstrations within the course showing first hand how to configure Trails and set up various controls and permissions giving you clear guidance on what to do.

CloudTrail Logs are examined to show you exactly how APIs are recorded and how this sensitive information can be encrypted using KMS and also shared between AWS Accounts.

If you have any feedback on this course, please let us know at support@cloudacademy.com.

Learning Objectives

  • Understand what AWS CloudTrail is and how it works
  • Understand permissions, trails, and logs in CloudTrail and how they are used
  • Learn how to perform monitoring activities with the service

Intended Audience

  • IT professionals responsible for cloud security: security consultants, security architects, security auditors, etc.
  • Those studying for an AWS certification that requires knowledge of AWS CloudTrail
  • Anyone with a general interest in AWS security

Prerequisites

To get the most out of this course, you should have a basic understanding of the following AWS services: Simple Storage Service (S3), Identity and Access Management (IAM), AWS CloudWatch, Simple Notification Service (SNS), and the Key Management Service (KMS).

Covered Topics