CloudTrail

• Provides governance, compliance and audit for your AWS Account

• CloudTrail is enabled by default!

• Get a history of events / API calls made within your AWS Account by:

• Console

• SDK

• CLI

• AWS Services

• Can put logs from CloudTrail into CloudWatch Logs or S3

• A trail can be applied to All Regions (default) or a single Region.

• If a resource is deleted in AWS, investigate CloudTrail first!

Diagram