CloudTrail

AWS CloudTrail provides audit logging across AWS accounts, with risks arising from disabled logging, incomplete coverage, or insecure log storage.

CloudTrail records API activity across your environment. Gaps in logging, retention, or protection of logs reduce visibility and weaken audit readiness. Ensuring full coverage and secure storage is key for accountability and compliance.

CloudTrail Documentation

Enable Cloudtrail
high
aws cloudtrail

Enable Cloudtrail

AWS CloudTrail tracks all API calls for the relevant AWS Account, providing a total repository of all activity within the account. Not enabling CloudTrail means that all data older than 90 days is …