AWS VPN monitor

0

So far my company uses the AWS Client VPN, which is authenticated through Google Workspace SAML. The user's VPN access is authenticated by his/her Google mail. Is there any way I can track the user's behavior, like which AWS resources he/she accessed or modified? Is there any software or service I can leverage?

I appreciate your thoughts.

asked 2 years ago, 297 views
1 Answer
0

Good day.

Have you already looked into CloudTrail events? https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/monitoring-cloudtrail.html

"When activity occurs in Client VPN, that activity is recorded in a CloudTrail event along with other AWS service events in Event history."

Remember that CloudTrail only supports 90 days in the dashboard by default, and if you need to retain a longer period then you should look into CloudTrail Trails (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html) or integrate CloudTrail with your SIEM solution.

I hope this helps!

Jason H.

AWS
Jason_H
answered 2 years ago
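
One way to act on the CloudTrail suggestion above, as an added example that is not part of the original answer: the script groups the records of a CloudTrail log file by calling identity and separates read-only calls from modifying ones. The log records, account ID, role, users and instance ID are constructed sample data, and the function names are hypothetical.

```python
import json
from collections import defaultdict

# Constructed sample in the layout of a CloudTrail log file ({"Records": [...]}).
# Account ID, role name, users and instance ID are made up for illustration.
ROLE = "arn:aws:sts::111122223333:assumed-role/Dev/"
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-10T09:00:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "readOnly": True,
     "userIdentity": {"type": "AssumedRole", "arn": ROLE + "alice@example.com"}},
    {"eventTime": "2024-01-10T09:05:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "TerminateInstances", "readOnly": False,
     "resources": [{"ARN": "arn:aws:ec2:us-east-1:111122223333:instance/i-0example"}],
     "userIdentity": {"type": "AssumedRole", "arn": ROLE + "alice@example.com"}},
    {"eventTime": "2024-01-10T09:07:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateAccessKey",  # readOnly deliberately missing
     "userIdentity": {"type": "AssumedRole", "arn": ROLE + "bob@example.com"}},
]})


def identity_of(record):
    """Pick the most specific caller identifier present in the record."""
    ident = record.get("userIdentity") or {}
    return ident.get("arn") or ident.get("principalId") or ident.get("type", "unknown")


def summarize(log_text):
    """Return {identity: {"read": [...], "write": [...]}} for one log file."""
    report = defaultdict(lambda: {"read": [], "write": []})
    for rec in json.loads(log_text).get("Records", []):
        # Only an explicit readOnly=true counts as a read; anything else is
        # listed as a write so that it gets reviewed.
        kind = "read" if rec.get("readOnly") is True else "write"
        service = rec.get("eventSource", "unknown").split(".")[0]
        report[identity_of(rec)][kind].append({
            "time": rec.get("eventTime"),
            "action": f"{service}:{rec.get('eventName')}",
            "resources": [r["ARN"] for r in rec.get("resources") or [] if "ARN" in r],
        })
    return dict(report)


if __name__ == "__main__":
    for who, calls in summarize(SAMPLE_LOG).items():
        print(who, "reads:", len(calls["read"]), "writes:", len(calls["write"]))
        for call in calls["write"]:
            print("  ", call["time"], call["action"], call["resources"])
```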
