AWS CloudTrail definition

This definition is part of our Essential Guide: An insider's look at AWS re:Invent 2014
Contributor(s): Madelyn Bacon

AWS CloudTrail is an application program interface (API) call-recording and log-monitoring Web service offered by Amazon Web Services (AWS).

AWS CloudTrail can be used by AWS customers to record API calls involving their AWS accounts, sending log files to Amazon S3 buckets for storage and uses Amazon Simple Notification Services for delivery. It provides API activity data including the identity of an API caller, the time of an API call, the source of the IP address of an API caller, the request parameters and the response elements returned by the AWS service.

CloudTrail can be configured to publish a notification for each log file delivered, allowing users to take action upon log file delivery -- a process that according to AWS should only take about 15 minutes. It can also be configured to aggregate log files across multiple accounts so that log files are delivered to a single S3 bucket.

This service is meant to facilitate information security and compliance in organizations that use AWS and need to track the API calls for one or more AWS account. CloudTrail can be configured to support security monitoring, compliance reporting and resource management, and can feed data into log management and security information and event management (SIEM) platforms.

This was first published in August 2014

Continue Reading About AWS CloudTrail



Find more PRO+ content and other member only offers, here.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:


File Extensions and File Formats

Powered by: