Here are step-by-step instructions to log your Amazon Redshift cluster calls with AWS CloudTrail:
Create an S3 Bucket for CloudTrail Logs
You need to create an S3 bucket to store the CloudTrail logs generated by Amazon Redshift. CloudTrail will use this bucket to store log files that capture API calls and events associated with your Redshift cluster.
- Go to the Amazon S3 console.
- Click on "Create bucket".
- Enter a unique bucket name, e.g., eg-redshift-cloudtrail-logs.
- Choose the AWS Region where your Redshift cluster is located.
- Click "Create bucket".
Create a CloudTrail Trail
If you create a CloudTrail trail, you can have continuous delivery of CloudTrail events to an Amazon S3 bucket, including events for Redshift. If you don't configure a trail, you can still view the most recent events in the CloudTrail console in Event history.
- Go to the CloudTrail console.
- Click on "Trails" in the left navigation pane.
- Click "Create trail".
- Enter a trail name like eg-redshift-trail.
- Choose the S3 bucket created earlier (eg-redshift-cloudtrail-logs) as the storage location for logs.
- Configure other settings as needed and click "Create".
Configure Redshift Integration
Configuring Redshift integration allows Redshift to send audit logs to CloudTrail. This ensures that the SQL queries and other activities performed in Redshift (including those from Query Editor v2) are captured by CloudTrail.
- Navigate to the Amazon Redshift console.
- Select your cluster, go to the "Properties" tab.
- Under the "Cluster Auditing and Logging" section, enable logging.
- Choose the CloudTrail trail you created earlier (eg-redshift-trail).
Configure IAM Role Permissions
IAM roles are used to grant permissions to entities in AWS. You need to ensure that the IAM role associated with Redshift has the necessary permissions to write logs to the specified S3 bucket and read CloudTrail trails.
- Go to the IAM Roles console.
- Find and select the IAM role used by Redshift (e.g., eg-redshift-role).
- Attach policies like AmazonS3ReadOnlyAccess to allow Redshift to access the S3 bucket for CloudTrail logs.
Verify CloudTrail Logs
After setting up CloudTrail and Redshift integration, verify that the configuration is working as expected. This step involves performing actions in Redshift (e.g., running queries) and then checking CloudTrail logs to ensure that the actions are captured.
- Perform actions in Redshift, such as running queries using Query Editor v2.
- Go back to the CloudTrail console.
- Click on "Event history" to view the captured events and IAM user activity.
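The bucket-policy and verification steps above, as an added example that is not part of the original answer. It does two things offline: it builds the S3 bucket policy CloudTrail requires before it can deliver log files to a bucket (the `s3:GetBucketAcl` check and the `s3:PutObject` grant under `AWSLogs/<account>/` with `bucket-owner-full-control`, pinned to one trail ARN), and it filters a CloudTrail log file down to the Redshift-related API calls so you can confirm the trail is capturing them. One caveat a practitioner should keep in mind: CloudTrail records API calls (DescribeClusters, Data API ExecuteStatement, and so on), not the SQL text run inside the cluster; statement-level auditing comes from the cluster's own audit logging to S3. The bucket name, account ID, trail ARN and the sample records are constructed placeholders, and the Data API and Query Editor v2 event sources are assumptions to check against your own trail.

```python
"""Added example (not from the original answer): build the S3 bucket policy
CloudTrail needs to write to the log bucket, and filter one CloudTrail log
file down to Redshift-related API calls.  Runs offline on constructed data."""
import json

# Event sources under which Redshift activity appears in CloudTrail.  The
# cluster API source is redshift.amazonaws.com; the Data API and Query
# Editor v2 sources below are assumed here and should be checked against
# the events your own trail actually delivers.
REDSHIFT_EVENT_SOURCES = {
    "redshift.amazonaws.com",
    "redshift-data.amazonaws.com",
    "sqlworkbench.amazonaws.com",
}


def cloudtrail_bucket_policy(bucket: str, account_id: str, trail_arn: str) -> dict:
    """Minimal bucket policy that lets CloudTrail deliver logs to `bucket`.

    CloudTrail needs s3:GetBucketAcl on the bucket and s3:PutObject under the
    AWSLogs/<account>/ prefix with the bucket-owner-full-control ACL.  The
    aws:SourceArn condition restricts the grant to this one trail, so a trail
    in another account cannot write into this bucket.
    """
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "AWSCloudTrailAclCheck",
                "Effect": "Allow",
                "Principal": {"Service": "cloudtrail.amazonaws.com"},
                "Action": "s3:GetBucketAcl",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringEquals": {"aws:SourceArn": trail_arn}},
            },
            {
                "Sid": "AWSCloudTrailWrite",
                "Effect": "Allow",
                "Principal": {"Service": "cloudtrail.amazonaws.com"},
                "Action": "s3:PutObject",
                "Resource": f"arn:aws:s3:::{bucket}/AWSLogs/{account_id}/*",
                "Condition": {
                    "StringEquals": {
                        "s3:x-amz-acl": "bucket-owner-full-control",
                        "aws:SourceArn": trail_arn,
                    }
                },
            },
        ],
    }


def redshift_events(log_file_text: str) -> list:
    """Parse one CloudTrail log file (a JSON object with a Records array) and
    return (eventTime, eventSource, eventName, principal) for Redshift calls."""
    records = json.loads(log_file_text)["Records"]
    out = []
    for r in records:
        if r.get("eventSource") not in REDSHIFT_EVENT_SOURCES:
            continue
        ident = r.get("userIdentity", {})
        principal = ident.get("arn") or ident.get("type", "unknown")
        out.append((r["eventTime"], r["eventSource"], r["eventName"], principal))
    return out


# Constructed sample log file: one cluster API call, one unrelated S3 call,
# and one Data API call made through an assumed role.  Not real account data.
SAMPLE_LOG_FILE = json.dumps({"Records": [
    {"eventTime": "2024-05-01T10:00:00Z", "eventSource": "redshift.amazonaws.com",
     "eventName": "DescribeClusters",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::123456789012:user/alice"}},
    {"eventTime": "2024-05-01T10:00:05Z", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::123456789012:user/alice"}},
    {"eventTime": "2024-05-01T10:01:00Z", "eventSource": "redshift-data.amazonaws.com",
     "eventName": "ExecuteStatement",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/eg-redshift-role/session"}},
]})


if __name__ == "__main__":
    policy = cloudtrail_bucket_policy(
        "eg-redshift-cloudtrail-logs", "123456789012",
        "arn:aws:cloudtrail:us-east-1:123456789012:trail/eg-redshift-trail")
    print(json.dumps(policy, indent=2))  # paste as the bucket policy
    for event in redshift_events(SAMPLE_LOG_FILE):
        print(*event, sep="\t")
```

Apply the printed policy to the bucket before creating the trail, or trail creation fails with an insufficient-permissions error. For a real check, download a delivered log file from `AWSLogs/<account>/CloudTrail/<region>/` and pass its contents to `redshift_events`; an empty result after running queries means the actions went through a source not in the set, or the trail is not delivering.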
Hi All, I am also looking for some guidance on this. The below-mentioned steps in the above response are not valid. It just asks for an S3 bucket. I couldn't find "choose CloudTrail" anywhere in Redshift.
- Under the "Cluster Auditing and Logging" section, enable logging.
- Choose the CloudTrail trail you created earlier (eg-redshift-trail).
Looking forward to a reply.