Monitor AWS deployments in the cloud by getting a history of AWS API calls for the AWS account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. Identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred.
Questions tagged [amazon-cloudtrail]
293 questions
4 votes, 1 answer
Terraform AWS CloudTrail configuration fails
I'm trying to configure AWS CloudTrail using terraform, but still failing on CloudWatch integration. Does anybody see a mistake somewhere?
Terraform CLI and Terraform AWS Provider Version
Terraform v0.13.5
provider…

Pavel Cisar

4 votes, 0 answers
Audit Logging for AWS QuickSight
Newbie to AWS QuickSight. Have a requirement to track Non-API Events for QuickSight. My requirement is to track events around the QuickSight Dashboards events and see which of the dashboards are having maximum hits…

Rajesh Rajamani

4 votes, 1 answer
CloudWatch Rule set to trigger from CloudTrail doesn't trigger Lambda function unless I create a Trail to store CloudTrail logs in an S3 bucket
I am trying to trigger a Lambda function when a RequestCertificate event is being raised in AWS Certificate Manager.
In order to do that, I have created a CloudWatch Rule with the following syntax:
{
"source": [
"aws.acm"
],
"detail-type":…

Antoine Delia

4 votes, 1 answer
What to prefer AWS XRAY or CloudTrail for analysing user request travelling through Amazon API Gateway
I am preparing for AWS exam and I found some documentation about AWS CloudTrail and AWS X-RAY where it creates confusion on their usage requirement.
I have come across the following question where requirement was to trace and analyse the user request as…

Gunjan Shah

4 votes, 2 answers
AWS S3 log for DeleteObject?
How to use AWS services like CloudTrail or CloudWatch to check which user performed event DeleteObject?
I can use S3 Event to send a Delete event to SNS to notify an email address that a specific file has been deleted from the S3 bucket but the…

Viet

4 votes, 1 answer
How To Create a CloudTrail for DynamoDb in AWS?
In AWS it is indicated that there is support to use Cloudtrail to track events in DynamoDB in the link here.
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/logging-using-cloudtrail.html
However, in the instructions, there is no…

andre

4 votes, 0 answers
How to get logs about affected objects by S3 Multi-Object Delete
S3 provides two ways to delete objects: A DELETE operation for deleting single objects and a Multi-Object Delete operation to delete multiple objects with a single API call.
For the DELETE operation S3 access logs and CloudTrail S3 data logs contain…

Dunedan

4 votes, 2 answers
How to see AWS KMS events on AWS cloudtrail?
I am using AWS KMS to encrypt and decrypt some data. I want to track all KMS accesses using AWS cloudtrail. When I open my cloudtrail events page, I can't see KMS related events. On KMS documentation page, it is mentioned that kms events are logged…

Naveen

4 votes, 1 answer
Getting user login and logout information in AWS CloudTrail
I have enabled CloudTrail using the AWS Management Console and the Amazon S3 Bucket policies are the default ones that are created automatically when enabling CloudTrail.
I can find logs about my log-in along with all other event logs but there is…

ykesh

3 votes, 1 answer
How to create usage alarm using Cloudwatch for Service Quota when the Utilization is Not available in AWS
I want to create alerts in AWS to notify when the service quota utilization has crossed the threshold value for service quotas for which the Utilization field is disabled.
I am trying to create Infrastructure quota monitoring alerts in AWS, but for…

Rudin Charles

3 votes, 3 answers
Cloudtrail: Insufficient permissions to access S3 bucket
I am trying to create a trail in CloudTrail logging to an S3 bucket but I am getting the following error:
Error: Error creating CloudTrail: InsufficientEncryptionPolicyException: Insufficient permissions to access S3 bucket $BUCKET_NAME or KMS key…

DisplayName

3 votes, 0 answers
How do we look up RequestID's thrown in AWS CloudFormation events which status reports CREATE_FAILED?
Without setting up a CloudTrail and executing a CFN template which rolls back, I have started looking at Debugging options. I found this which says we can see the most recent without a created trail.
I tried to find RequestId documentation from here…

roland garceau

3 votes, 1 answer
How to generate policy based on CloudTrail events and resolve errors
While generating a policy in IAM for a specific role using feature "Generate policy based on CloudTrail events", I get error "Policy generation failed. CloudTrail log files processed per policy generation limit exceeded. Please fix before trying…

Nishant Gupta

3 votes, 1 answer
How do I unsubscribe my AWS organization from CloudTrail?
I'm trying to create an AWS Control Tower landing zone for my AWS organization, and am getting a message saying You must unsubscribe your organization from AWS CloudTrail so that AWS Control Tower can proceed. During the setup process, AWS Control…

Celina

3 votes, 2 answers
How to add Glue Table with struct type column using Terraform?
I am enabling Athena to query on Cloudtrail s3 logs using Terraform.
To do this, I need to create database and tables in Glue Catalog.
I am following this link.
In Terraform I am using aws_glue_catalog_table resource.
How can I define columns with…

Neelesh Gurjar