Audit | CloudTrail ¶
AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
CloudTrail module. Key elements:
- Destination bucket
- KMS Key to files encrypt files
- Include global services
- Enable multi-regional trail
S3 Bucket Module. Key elements:
- Lifecycle rule
- Expiration
KMS Key Module. Key elements:
- Deletion Window
- Policy
Grant permission to the rest of the accounts to use the key