Search the Community
Showing results for tags 'cloudtrail'.
-
AWS Control Tower now includes AWS CloudTrail organization logging as part of landing zone version 3.0. With this new feature, an organization-level AWS CloudTrail trail will be deployed in your organization’s management account to automatically log the actions of all member accounts in your organizations. AWS Control Tower does not configure any parameters for logging other than a mandatory detective guardrail that checks logging is configured for all AWS Control Tower governed accounts. AWS Control Tower with organization logging offers users the latest standard and best practice for unified account logging. View the full article
-
- control tower
- cloudtrail
-
(and 1 more)
Tagged with:
-
Starting today, customers can view CloudTrail event logs corresponding to a change request using AWS Systems Manager Change Manager ServiceNow Connector. The integration helps customers understand which resources were impacted by the change request, thereby providing customers with more visibility into the change request execution. AWS Systems Manager Change Manager helps customers request, approve, implement, and report on operational changes to their application configuration and infrastructure on AWS and on-premises. Using AWS Service Management Connector, customers can create and approve change requests, and get the CloudTrail events associated with these change requests in the ServiceNow console, making the integration with AWS Change Manager even deeper. View the full article
-
- systems manager
- cloudtrail
-
(and 1 more)
Tagged with:
-
AWS CloudTrail now provides more granular control of data event logging with advanced event selectors. Data events provide visibility into the data plane resource operations performed on or within a resource. You can currently log data events on two resource types: Amazon S3 object-level API activity (e.g. GetObject, DeleteObject, and PutObject API operations), and AWS Lambda function execution activity (the Invoke API). With advanced event selectors, you can include or exclude values on fields such as EventSource, EventName, and ResourceARN. Advanced event selectors also support including or excluding values based on the first few characters (where applicable) providing more control over which CloudTrail data events you want to log and pay for. For example, you can log S3 DeleteObject APIs to narrow the CloudTrail events you receive to only destructive actions, enabling you to identify security issues while controlling costs. If you detect unauthorized activity, you can also take immediate action to restrict access. View the full article
-
Forum Statistics
67.4k
Total Topics65.3k
Total Posts