CloudTrail

aws/security aws/monitoring aws/service

💡 Definition

AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. It records API calls and related events made by an IAM user, role, or an AWS service in your account.

🔑 Key Concepts

⚙️ How it Works

  1. Automatic Activation: CloudTrail is enabled on your AWS account when you create it.
  2. Log Events: Records events and delivers them to the CloudTrail console (Event history) or to an S3 bucket (via a Trail).
  3. Audit: Use the logs to answer "who did what, when, where, and how."
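
As an added illustration (not part of the original notes), the sketch below reads one trail log file as delivered to S3, which is gzip-compressed JSON with a top-level `Records` array, and maps each record to the five audit questions. The helper names `actor` and `audit` are hypothetical, and all sample values are constructed.

```python
import gzip
import json

# Constructed sample of a CloudTrail log file body (all values are made up).
SAMPLE_LOG = {"Records": [
    {"eventTime": "2024-05-01T12:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeleteBucket", "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "userAgent": "aws-cli/2.15.0", "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventTime": "2024-05-01T12:05:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "eu-west-1",
     "sourceIPAddress": "198.51.100.7", "userAgent": "console.amazonaws.com",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/Deploy/ci-job",
                      "sessionContext": {"sessionIssuer": {"userName": "Deploy"}}}},
    {"eventTime": "2024-05-01T12:10:00Z", "eventSource": "kms.amazonaws.com",
     "eventName": "Decrypt", "awsRegion": "us-east-1",
     "sourceIPAddress": "ebs.amazonaws.com", "userAgent": "ebs.amazonaws.com",
     "userIdentity": {"type": "AWSService", "invokedBy": "ebs.amazonaws.com"}},
]}


def actor(identity):
    """Resolve the caller for an IAM user, an assumed role, or an AWS service."""
    kind = identity.get("type", "Unknown")
    if kind == "IAMUser":
        return "user:" + identity.get("userName", "?")
    if kind == "AssumedRole":
        role = identity.get("sessionContext", {}).get("sessionIssuer", {}).get("userName", "?")
        session = identity.get("arn", "").rpartition("/")[2] or "?"
        return f"role:{role}/{session}"
    if kind == "AWSService":
        return "service:" + identity.get("invokedBy", "?")
    return kind  # e.g. Root; reported by type only


def audit(gz_bytes):
    """Turn one gzip-compressed log file into who/what/when/where/how rows."""
    records = json.loads(gzip.decompress(gz_bytes)).get("Records", [])
    return [{
        "who": actor(r.get("userIdentity", {})),
        "what": f'{r.get("eventSource")}:{r.get("eventName")}',
        "when": r.get("eventTime"),
        "where": f'{r.get("awsRegion")} from {r.get("sourceIPAddress")}',
        "how": r.get("userAgent"),
    } for r in records]


SAMPLE_GZ = gzip.compress(json.dumps(SAMPLE_LOG).encode())
print(*audit(SAMPLE_GZ), sep="\n")
```

For calls made by an AWS service, `sourceIPAddress` carries the service name rather than an IP address, so the "where" column should be read together with "who".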

🎯 Use Cases

💰 Pricing Model

📝 Exam Tips (CLF-C02)


See Also:

  * CloudWatch
  * IAM
  * S3