Questions tagged with AWS CloudTrail
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi,
Currently I would like to encrypt CloudTrail logs in my Root account via a KMS key managed by me.
This trail exists in all my environments due to the use of Control Tower, through the Root...
1
answers
0
votes
978
views
asked 3 months agolg...
We'd like to create a CloudTrail trail for management events that targets only specific type of events, for example, EBS volume creation, modification, and deletion. I do not see any option to achieve...
2
answers
1
votes
311
views
asked 3 months agolg...
I am following this tutorial https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-log-api-call.html.
{
"source": ["aws.ec2"],
"detail-type": ["AWS API Call via...
1
answers
1
votes
322
views
asked 3 months agolg...
I possess an IAM key for which the "last used" date indicates activity 15 hours ago. Yet, upon scrutinizing the CloudTrail logs filtered by the specific AWS access key for all events, there appears to...
1
answers
0
votes
324
views
asked 3 months agolg...
Its an aws config managed rule, but I don't see a clear remediation process. is the only way to set up data events in cloudtrail via the console? I don't see any means in boto or the cli.
1
answers
0
votes
346
views
asked 3 months agolg...
An IAM role was created to provide the access to S3 and lake formation as per [Requirements for roles used to register...
2
answers
0
votes
363
views
asked 4 months agolg...
I have a use case to trigger a lambda function from SQS queue and get data from cloudtrail lookup events api . But the api is giving Rate exceeded error because the SQS is triggering the lambda...
2
answers
0
votes
535
views
asked 4 months agolg...
I have hosted a GitHub server on an instance but I want to capture the logs on the instance with a particular post 8433,How to do that?
2
answers
0
votes
419
views
asked 4 months agolg...
```
{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA42S2XXXXXXXXXX",
"arn": "arn:aws:iam::8817318XXXXX:user/XXXXXXX",
...
1
answers
0
votes
165
views
asked 4 months agolg...
Hi,
I configured this event pattern
```
{
"$or": [{
"detail": {
"eventType": ["AwsApiCall", "AwsConsoleSignIn", "AwsServiceEvent", "AwsConsoleAction", "AwsCloudTrailInsight"],
...
0
answers
1
votes
413
views
asked 4 months agolg...
We have an organization-wide CloudTrail which is logging events to an S3 bucket in a different account (part of the organization). By default, with S3 events turned on, this means we are getting the...
1
answers
0
votes
716
views
asked 4 months agolg...
I manage and invoice all of my AWS costs using "Project" tag. Even though all of my cloudtrail trails are tagged with a "Project" tag, the usage type of PaidEventsRecorded shows up as not having a...
1
answers
0
votes
224
views
asked 4 months agolg...