Amazon Web Services China Summit | From Possibility to Practice, June 19th - 20th | Shanghai Expo Center

Amazon Web Services China Summit | From Possibility to Practice, June 19th - 20th | Shanghai Expo Center, Register now>>

Amazon CloudTrail

Track user activity and API usage

Create a Free Account

What is CloudTrail

Benefits

Use Cases

Integrations

Amazon CloudTrail Free Tier

Always Free

China Region

View, filter, and download the most recent 90 days of your account activity for all management events in supported services, and set up a trail that delivers a single copy of management events for free

Learn more

Always Free

Global Region

Learn more

Getting Started

Getting Started on Products

Discover product userguides, trainings and tutourials

Learn more

What is CloudTrail

Amazon CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your Amazon Web Services account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your Amazon Web Services infrastructure. CloudTrail provides event history of your Amazon Web Services account activity, including actions taken through the Amazon Management Console, Amazon SDKs, command line tools, and other Amazon Web Services services. This event history simplifies security analysis, resource change tracking, and troubleshooting.

Benefits

Visibility Into User and Resource Activity

Amazon CloudTrail increases visibility into your user and resource activity by recording Amazon Management Console actions and API calls. You can identify which users and accounts called Amazon Web Services, the source IP address from which the calls were made, and when the calls occurred.

Security Analysis and Troubleshooting

With Amazon CloudTrail, you can discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your Amazon Web Services account within a specified period of time.

Simplified Compliance

With Amazon CloudTrail, simplify your compliance audits by automatically recording and storing event logs for actions made within your Amazon Web Services account. Integration with Amazon CloudWatch Logs provides a convenient way to search through log data, identify out-of-compliance events, accelerate incident investigations, and expedite responses to auditor requests.

Security Automation

Amazon CloudTrail allows you track and automatically respond to account activity threatening the security of your Amazon Web Services resources. With Amazon CloudWatch Events integration, you can define workflows that execute when events that can result in security vulnerabilities are detected. For example, you can create a workflow to add a specific policy to an Amazon S3 bucket when CloudTrail logs and API call that makes that bucket public.

Use Cases

Security Analysis

You can perform security analysis and detect user behavior patterns by ingesting Amazon CloudTrail events into your log management and analytics solutions.

Compliance Aid

Amazon CloudTrail makes it easier to ensure compliance with internal policies and regulatory standards by providing a history of activity in your Amazon Web Services account. For more information, download the Amazon Web Services compliance whitepaper, “Security at Scale: Logging in Amazon Web Services.”

Operational Issue Troubleshooting

You can troubleshoot operational issues by leveraging the Amazon API call history produced by Amazon CloudTrail. For example, you can quickly identify the most recent changes made to resources in your environment, including creation, modification, and deletion of Amazon Web Services resources (e.g., Amazon EC2 instances, Amazon VPC security groups, and Amazon EBS volumes).

Integrations

Amazon CloudWatch Logs Integration

Amazon CloudTrail integration with Amazon CloudWatch Logs enables you to send management and data events recorded by CloudTrail to CloudWatch Logs. CloudWatch Logs allows you to create metric filters to monitor events, search events, and stream events to other Amazon Web Services services, such as Amazon Lambda.

Amazon CloudWatch Events

Amazon CloudTrail integration with Amazon CloudWatch Events enables you to automatically respond to changes to your Amazon Web Services resources. With CloudWatch Events, you are able to define actions to execute when specific events are logged by Amazon CloudTrail. For example, if CloudTrail logs a change to an Amazon EC2 security group, such as adding a new ingress rule, you can create a CloudWatch Events rule that sends this activity to an Amazon Lambda function. Lambda can then execute a workflow to create a ticket in your IT Helpdesk system.

Getting Started with Cloud

Find product-specific user guides, training and tutorials

View now »

Free Trials

New users can try Amazon SageMaker free, get 250 hours of t2.medium or t3.medium notebook usage per month

Always Free

All users can try Amazon Lambda free, with 1 million free requests per month and up to 3.2 million seconds of compute time per month