There's more…

Here are more details about CloudTrail:

  • Server-side encryption is used to encrypt log files in S3. This encryption is transparent to you, but you can opt to encrypt these files with your own Customer Master Key (CMK) if you wish. CMKs are a feature of the Key Management Service (KMS), which is used to encrypt data keys for envelope encryption.
  • API calls are logged by CloudTrail in under 15 minutes.
  • Logs are shipped to your S3 bucket every five minutes.
  • It's possible to aggregate CloudTrail events across many accounts into a single bucket. This is a pattern often used to log AWS activity into a SecOps, or similar, account for auditing.
  • By default, CloudTrail keeps your API activity for seven days.
  • You can create more than one trail. You might consider creating a trail for your developers that is separate from the trail that is consumed by security. Be aware that trails beyond the first, and trails that record data plane activity, will incur additional costs that could be significant if your account has a large amount of activity.
  • If a CloudFormation stack creates an S3 bucket and that S3 bucket has objects in it, the delete operation will fail if and when you choose to delete the stack. You can manually delete the S3 bucket in the S3 web console if you wish to work around this.
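
The multi-account aggregation pattern above depends on the bucket policy of the central bucket. The following is an added example, not code from the book: it builds that policy and audits it for over-broad write access. It assumes per-account trails (not an organization trail); the bucket name, account IDs and function names are hypothetical.

```python
CLOUDTRAIL = {"Service": "cloudtrail.amazonaws.com"}
ACL_COND = {"StringEquals": {"s3:x-amz-acl": "bucket-owner-full-control"}}

def central_bucket_policy(bucket, account_ids):
    """Policy for one bucket that receives trails from several accounts."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"Version": "2012-10-17", "Statement": [
        # CloudTrail reads the bucket ACL before it delivers.
        {"Sid": "AWSCloudTrailAclCheck", "Effect": "Allow",
         "Principal": CLOUDTRAIL, "Action": "s3:GetBucketAcl", "Resource": arn},
        # Writes are limited to one AWSLogs/<account-id>/ prefix per account,
        # and the bucket owner (the SecOps account) must get full control.
        {"Sid": "AWSCloudTrailWrite", "Effect": "Allow",
         "Principal": CLOUDTRAIL, "Action": "s3:PutObject",
         "Resource": [f"{arn}/AWSLogs/{a}/*" for a in account_ids],
         "Condition": ACL_COND},
    ]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_policy(policy, bucket, expected_accounts):
    """Return findings: over-broad write access or accounts left out."""
    prefix = f"arn:aws:s3:::{bucket}/AWSLogs/"
    findings, covered = [], set()
    for st in policy["Statement"]:
        if st["Effect"] != "Allow" or "s3:PutObject" not in as_list(st["Action"]):
            continue
        sid = st.get("Sid", "<no Sid>")
        if st.get("Principal") != CLOUDTRAIL:
            findings.append(f"{sid}: write open to a non-CloudTrail principal")
        acl = st.get("Condition", {}).get("StringEquals", {}).get("s3:x-amz-acl")
        if acl != "bucket-owner-full-control":
            findings.append(f"{sid}: bucket-owner-full-control not enforced")
        for res in as_list(st["Resource"]):
            acct = res[len(prefix):].split("/")[0] if res.startswith(prefix) else ""
            if len(acct) == 12 and acct.isdigit() and res == f"{prefix}{acct}/*":
                covered.add(acct)
            else:
                findings.append(f"{sid}: not scoped to an account prefix: {res}")
    for acct in sorted(set(expected_accounts) - covered):
        findings.append(f"account {acct} has no delivery prefix")
    return findings

if __name__ == "__main__":
    import json
    accounts = ["111111111111", "222222222222"]  # constructed account IDs
    policy = central_bucket_policy("secops-cloudtrail-logs", accounts)  # hypothetical bucket
    print(json.dumps(policy, indent=2))
    print(audit_policy(policy, "secops-cloudtrail-logs", accounts))
```
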
