AWS Cloud Operations Blog

Category: AWS CloudTrail

How Arctic Wolf uses AWS CloudTrail Lake to Simplify Security and Operations

In this post, we’ll discuss how Arctic Wolf is using AWS CloudTrail Lake to simplify compliance, enhance security operations, and obtain new operational insights from their CloudTrail data. Arctic Wolf, the leader in security operations, helps customers protect their organizations from rapidly evolving cyber threats with the Arctic Wolf Security Operations Cloud and Concierge Security® model. As […]

Find the most evaluated AWS Config rules using AWS CloudTrail Lake

In this post, I’ll show you how to find most evaluated AWS Config rules to dive deep into AWS Config charges on your invoice by using AWS CloudTrail Lake. The solution uses the new AWS CloudTrail feature, CloudTrail Lake, to analyze CloudTrail events. AWS Config is a service that enables you to assess, audit, and […]

Prepare for Oracle license audits in AWS using AWS Audit Manager and AWS License Manager

Many of our customers who run Oracle databases need help with managing their Oracle licenses on AWS and ensuring that they have not fallen out of compliance with Oracle’s licensing rules. They must be prepared to provide relevant evidence in an auditor-friendly format during an Oracle license audit. Gathering evidence in a timely manner to […]

Using AWS CloudTrail Lake to identify older TLS connections to AWS service endpoints

To comply with regulatory standards and follow security best practices, organizations have told us that they want to ensure they have disabled older versions of Transport Layer Security (TLS), such as TLS 1.0 and 1.1, and only use modern TLS 1.2 and 1.3. When connecting to AWS API endpoints, your client software negotiates its preferred TLS version, […]

Integrating existing AWS CloudTrail configurations when launching AWS Control Tower

The customers that we work with often use multiple AWS accounts to meet their business needs. These multi-account environments are built based on the guidelines that AWS published. Customers have created custom mechanisms using AWS Organizations, AWS CloudTrail, and other AWS services to implement the guidelines. AWS Created the AWS Control Tower service as a […]

Maintain compliance using Service Control Policies and ensure they are always applied

Many of our customers manage multiple AWS accounts in AWS Organizations and utilize Service Control Policies (SCPs) to centrally manage permissions in their organization. SCPs offer central control over the maximum available permissions for every account in your organization and can be applied to an account, organization units (OUs), or the organization as a whole […]

Announcing AWS CloudTrail Lake – a managed audit and security Lake

Organizations managing cloud infrastructure in AWS need effective mechanisms to audit operations in their AWS accounts for security and compliance. In November 2013, we announced AWS CloudTrail as the auditing platform for AWS. Since then, millions of customers have adopted this service. We believe CloudTrail is so important to AWS customers’ success that every new […]

Illustration of the flow of actions between accounts for the Security Hub account association handshake.

Automating AWS Security Hub Alerts with AWS Control Tower lifecycle events

Important Update: As of 23 Nov 2020 the Security Hub service was updated to support direct integration with AWS Organizations. Lifecycle events are no longer the recommended way to enable Security Hub. Please utilize Security Hub’s native integration with AWS Organizations. You can also refer to this blog, which walks through how to enable GuardDuty […]

Using CloudTrail data events with Athena and CloudWatch to create an audit trail for DynamoDB tables events

Highly regulated industries must maintain an audit trail of events at various levels to meet regulatory and industry compliance requirements. Data events provide visibility into the resource operations performed on or in a resource, including object-level API activities such as delete, update, and put items. You can use AWS CloudTrail to create an audit trail […]

Using AWS CloudTrail to propagate tags across related AWS resources - Part 1

Using AWS CloudTrail to propagate tags across related AWS resources – Part 1

AWS allows customers to assign metadata to their AWS resources in the form of tags. Each tag consists of a customer-defined key and an optional value. Tags can make it easier to manage, search for, and filter resources by purpose, owner, environment, or other criteria. AWS tags can be used for many purposes like organizing […]