Difference between revisions of "AWS CloudTrail Best Practices"
Jump to navigation
Jump to search
Line 5: | Line 5: | ||
* [[Receiving CloudTrail log files from multiple accounts]] | * [[Receiving CloudTrail log files from multiple accounts]] | ||
* [[Enable MFA-delete and versioning on the Amazon S3 Bucket storing log files]]: <code>[[aws_s3_versioning]], [[mfa_delete]]</code> | * [[Enable MFA-delete and versioning on the Amazon S3 Bucket storing log files]]: <code>[[aws_s3_versioning]], [[mfa_delete]]</code> | ||
− | * [[Use advanced event selectors with data events]] | + | * [[Use advanced event selectors with data events]]: <code>[[DeleteObject]]</code> |
== Related == | == Related == |
Revision as of 04:54, 11 July 2024
- Enable CloudTrail log file integrity validation:
--enable-log-file-validation
- Receiving CloudTrail log files from multiple accounts
- Enable MFA-delete and versioning on the Amazon S3 Bucket storing log files:
aws_s3_versioning, mfa_delete
- Use advanced event selectors with data events:
DeleteObject
Related
- AWS CloudTrail Events
- AWS Best Practices
- Data events
--is-multi-region-trail
--enable-log-file-validation
See also
Advertising: