Skip to main content

Cloud Trail

  • If CloudWatch is the heart rate monitor and AWS Config is the building inspector, then AWS CloudTrail is the surveillance camera. It tells you who did it

What is it

  • the auditing service that records every single API Call made in your AWS account
  • everything in AWS is an API call
  • who, what, when, where

What problems does it solve

  • it solves the mystery of accountability

CloudTrail Insights

  • a feature in CloudTrail that uses machine learning
  • it learns your "normal" behavior and alerts you if it sees something weird

    • like a sudden spike in "Delete" commands or a user starting to use services they've never touched before

Back to top