Skip to content

Audit | CloudTrail


AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

AWS CloudTrail overview

This service will be configured to enable auditing of all AWS services in all accounts. Once enabled, as shown in the below presented figure, CloudTrail will deliver all events from all accounts to the Security account in order to have a centralized way to audit operations on AWS resources. Audit events will be available from CloudTrail for 90 days but a longer retention time will be available through a centralized S3 bucket.

Cloudtrail Diagram

Figure: AWS CloudTrail components architecture diagram (just as reference). (Source: binbash Leverage diagrams, accessed July 6th 2022).

leverage-tf IaC Terraform Codebase <>

Read more

AWS reference links

Consider the following AWS official links as reference: