How to prevent cloudtrail log being modified and deleted?

How to prevent cloudtrail log being modified and deleted? AWS CloudTrail provides a feature to validate the integrity of the CloudTrail log files stored in your S3 bucket. Does it help protect the logs from being modified an deleted as well?

Topics: Management & Governance
Tags: AWS CloudTrail
Language: English

hello

asked 2 years ago791 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

It doesn't prevent logs from being modified or deleted. You should implement least privilege access and enable MFA delete on the S3 bucket. Please refer to CloudTrail preventative security best practices.

EXPERT

AWS-User-alantam

answered 2 years ago

EXPERT

Osvaldo Marte

reviewed 2 years ago

Relevant content

How to prevent cloud trail logs being created as S3 buckets with CDK?
AWS-User-8777950
asked 4 years ago
How to reduce the cost for cloudtrail logging
RiJo
asked 4 years ago
Unable to find the path of a deleted file in Cloudtrail S3 data event logs
StevenV
asked 2 years ago
Unable to get all the information in query results when running queries against cloudtrail logs using athena table
Vinay
asked a year ago
How do I use CloudTrail to log Amazon Q Developer events that my IDE or CLI provides?
AWS OFFICIALUpdated a year ago
How can I optimize CloudTrail costs and still maintain compliance?
AWS OFFICIALUpdated 3 months ago
How can I check to see who modified a Lambda function what changes were made?
AWS OFFICIALUpdated 3 years ago
How do I automatically create tables in Athena to search through CloudTrail logs?
AWS OFFICIALUpdated 2 months ago
Proactive Strategies for Optimizing AWS CloudTrail Lake Usage
EXPERT
Georges
published a year ago
Anomaly Detection for S3 Bucket Deletions
EXPERT
Mojgan-Toth
published 6 months ago

How to prevent cloudtrail log being modified and deleted?

Add your answer

Relevant content