Difference between revisions of "AWS CloudTrail Best Practices"

• 2021 https://aws.amazon.com/blogs/mt/aws-cloudtrail-best-practices/

• Enable CloudTrail log file integrity validation
• Receiving CloudTrail log files from multiple accounts
• Enable MFA-delete and versioning on the Amazon S3 Bucket storing log files: aws_s3_versioning, mfa_delete

Related

• AWS CloudTrail Events
• AWS Best Practices
• Data events
• --is-multi-region-trail

See also

• aws cloudtrail [ get-event-selectors | lookup-events | list-trails | create-trail | add-tags | delete-trail | describe-trails | get-trail-status | put-event-selectors | put-insight-selectors | remove-tags | start-logging | stop-logging | update-trail | validate-logs | create-event-data-store | list-public-keys | list-tags ], Terraform, enable-federation,AWS CloudTrail, Events
• AWS CloudTrail, AWS CloudTrail Insights, CloudTrail Events, AWS CloudTrail Lake, Terraform, Best practices, Datadog SIEM Content Packs for Cloudtrail