By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to prevent cloudtrail log being modified and deleted?

0

How to prevent cloudtrail log being modified and deleted? AWS CloudTrail provides a feature to validate the integrity of the CloudTrail log files stored in your S3 bucket. Does it help protect the logs from being modified an deleted as well?

Topics
Management & Governance
Tags
AWS CloudTrail
Language
English
Isaac_Lin
asked 21 days ago73 views
1 Answer
1
Accepted Answer

It doesn't prevent logs from being modified or deleted. You should implement least privilege access and enable MFA delete on the S3 bucket. Please refer to CloudTrail preventative security best practices.

profile pictureAWS
EXPERT
AWS-User-alantam
answered 21 days ago
profile picture
EXPERT
Osvaldo Marte
reviewed 21 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content