CloudTrail Config

Question

I want to configure CloudTrail to log some events.  In the process
of doing so, I saw the following note:

**Though there is no cost to log these events, you incur charges for the 
S3 bucket that we create to store your logs.**

My question: Is an S3 bucket the only depository that can be used for the
events that are logged?  Is there a FREE storage entity that I can use for
the events that CloudTrail logs?

Answer

S3 is the destination for Cloud Trail log files. You have control over this file storage lifecycle and can copy the bucket elsewhere. https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html

For the first year of your account you get 5GB of S3 storage a month for free, as well as other features and services.
https://aws.amazon.com/free/

A bit on Cloud Trail logging
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events-console.html

Answer

The only FREE (storage invisible to you) event logging included with CloudTrail is the **Event History** which only logs **[management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html)** for the past **90 days**. 
In order to store CloudTrail events for longer than 90 days or to store both management and [data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html), here are a couple of options (**incur a cost**):
1. Create a CloudTrail trail (events delivered to S3)
2. Create an event data store (no S3) as part of [CloudTrail Lake](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake.html) (events stored in a managed data lake with convenient SQL-based querying capabilities)

CloudTrail Config

関連するコンテンツ