AWS CloudTrail pricing

0

Hello,

I wanted to ask if there is any way for an AWS CloudTrail subscription to save logs only regarding IAM logs, ignoring all other paid logs?

Roman
asked 23 days ago75 views
1 Answer
1

hello,

Yes, you can configure AWS CloudTrail to save logs only regarding IAM activity, ignoring all other paid logs.

By using data event filters, you can specify the exact types of events you want to capture, filtering out all other events, including those related to other AWS services or paid features. This allows you to focus on the specific IAM activity you're interested in and reduce the amount of data stored, which can lead to significant cost savings.

Here's how you can set it up:

  • Create a CloudTrail trail: If you haven't already, create a CloudTrail trail to capture your AWS account activity.
  • Edit the trail: Go to the CloudTrail console and select the trail you created.  
  • Configure event selectors: In the "Event selectors" section, click "Add event selector".
  • Select event types: Under "Include event types", choose "IAM" and select the specific IAM event types you want to capture (e.g., "CreateRole", "AddUserToGroup", "UpdateAccessKey").
  • Save changes: Click "Save" to apply your changes.

This will ensure that CloudTrail only logs events related to IAM activity, significantly reducing the amount of data stored and the associated costs.

https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html

profile picture
EXPERT
answered 23 days ago
profile picture
EXPERT
Sandeep
reviewed 23 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions