Audit | CloudTrail

AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

Cloudtrail Diagram

CloudTrail module. Key elements:

  • Destination bucket
  • KMS Key to encrypt files
  • Include global services
  • Enable multi-regional trail

S3 Bucket Module. Key elements:

  • Lifecycle rule
  • Expiration

KMS Key Module. Key elements:

  • Deletion Window
  • Policy
    Grant permission to the rest of the accounts to use the key
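
A check for the key elements listed above, as an added example that is not part of the original page or of the modules' own code: it audits constructed data shaped like the CloudTrail DescribeTrails, S3 GetBucketLifecycleConfiguration and (parsed) KMS GetKeyPolicy responses. It assumes "use the key" means an Allow statement for kms:Decrypt that names the account, and it ignores policy Condition elements; all names, ARNs and account IDs are placeholders.

```python
from fnmatch import fnmatchcase

# Constructed sample data; names, ARNs and account IDs are placeholders.
TRAIL = {"Name": "example-trail", "S3BucketName": "example-cloudtrail-logs",
         "KmsKeyId": "arn:aws:kms:us-east-1:111111111111:key/EXAMPLE",
         "IncludeGlobalServiceEvents": True, "IsMultiRegionTrail": False}
LIFECYCLE_RULES = [{"ID": "expire-logs", "Status": "Disabled",
                    "Expiration": {"Days": 365}}]
KEY_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
    "Action": ["kms:Decrypt", "kms:GenerateDataKey*"], "Resource": "*"}]}
MEMBER_ACCOUNTS = ["222222222222", "333333333333"]

def as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def accounts_allowed_to_decrypt(policy):
    """Account IDs that an Allow statement names as principals for kms:Decrypt."""
    allowed = set()
    for stmt in as_list(policy.get("Statement", [])):
        # IAM action names are case-insensitive and may contain wildcards.
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        if stmt.get("Effect") != "Allow" or not any(
                fnmatchcase("kms:decrypt", a) for a in actions):
            continue
        principal = stmt.get("Principal", {})
        arns = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else []
        for arn in arns:
            parts = arn.split(":")
            allowed.add(parts[4] if len(parts) > 4 else arn)  # ARN or bare ID
    return allowed

def audit(trail, lifecycle_rules, key_policy, member_accounts):
    """Return one finding per key element that is missing or disabled."""
    findings = []
    for field, message in [("S3BucketName", "no destination bucket"),
                           ("KmsKeyId", "log files are not KMS-encrypted"),
                           ("IncludeGlobalServiceEvents", "global service events excluded"),
                           ("IsMultiRegionTrail", "trail is not multi-region")]:
        if not trail.get(field):
            findings.append(message)
    if not any(r.get("Status") == "Enabled" and r.get("Expiration")
               for r in lifecycle_rules):
        findings.append("bucket has no enabled expiration rule")
    missing = sorted(set(member_accounts) - accounts_allowed_to_decrypt(key_policy))
    return findings + [f"account {a} cannot use the key" for a in missing]
```

Wildcard principals are deliberately not credited to any account, so a policy that relies on `"*"` plus conditions is reported for manual review.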
