AWS CloudTrail is a service that helps you enable governance, compliance, risk auditing, and operational auditing of your AWS account. Actions taken by a principal (typically a user, role, or AWS service) are recorded as events in AWS CloudTrail.
For today’s lab, we will require a new trail to be created.
Search for the CloudTrail service under the Management Tools section in the console and click on CloudTrail.
Click on Getting Started (if presented with that screen). Once in the CloudTrail console, click on Trails on the left side of the screen.
Then click on Create trail to create our trail for this lab.
Apply the following settings to the trail:
We now have a trail capturing activity in our AWS Account. Later on, we will search through our trail.
AWS Config provides a detailed view of the configuration of AWS resources in your account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
Note: AWS Config is a regional service. The region where you enable this service must be consistent throughout the labs, otherwise you will have a broken deployment. Be sure that the AWS region you perform this operation in remains unchanged throughout the day.
Search for the Config service under the Management Tools section in the console, and then click on Config.
Click on Get started, and we will follow the setup wizard.
We now have AWS Config recording changes for supported resources, and you can proceed to Config Rules.
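With the trail and the Config recorder both running, the events the trail delivers can be reviewed for which kind of principal made each call and for calls that would turn this logging off. The following is an added example, not part of the original lab: the records, user names, role name and account ID are constructed, while the field names and API event names are the ones CloudTrail uses.

```python
import json
from collections import Counter

# Real API names that stop or alter the logging this lab turns on.
TAMPER_EVENTS = {
    "cloudtrail.amazonaws.com": {"StopLogging", "DeleteTrail", "UpdateTrail"},
    "config.amazonaws.com": {"StopConfigurationRecorder", "DeleteConfigurationRecorder"},
}

def rec(kind, ident, source, name, region="us-east-1", **extra):
    """Build one constructed record using the standard CloudTrail field names."""
    return {"userIdentity": {"type": kind, **ident}, "eventSource": source,
            "eventName": name, "awsRegion": region,
            "eventTime": "2024-01-01T10:00:00Z", **extra}

# Constructed sample in the CloudTrail log-file layout: {"Records": [...]}.
SAMPLE_LOG = json.dumps({"Records": [
    rec("IAMUser", {"userName": "alice"}, "ec2.amazonaws.com", "DescribeInstances"),
    rec("AssumedRole", {"arn": "arn:aws:sts::111122223333:assumed-role/LabRole/s1"},
        "cloudtrail.amazonaws.com", "StopLogging"),
    rec("AWSService", {"invokedBy": "config.amazonaws.com"}, "s3.amazonaws.com", "PutObject"),
    rec("IAMUser", {"userName": "bob"}, "config.amazonaws.com",
        "StopConfigurationRecorder", region="eu-west-1", errorCode="AccessDenied"),
]})

def principal_of(record):
    """Return (type, name) for the principal in a record's userIdentity block."""
    ident = record.get("userIdentity", {})
    kind = ident.get("type", "Unknown")
    if kind == "AWSService":
        return kind, ident.get("invokedBy", "unknown-service")
    if kind == "IAMUser":
        return kind, ident.get("userName", ident.get("arn", "unknown-user"))
    return kind, ident.get("arn", "unknown")

def review(log_text):
    """Count events per principal type and list calls that touch the logging setup."""
    records = json.loads(log_text).get("Records", [])
    by_type = Counter(principal_of(r)[0] for r in records)
    findings = []
    for r in records:
        if r.get("eventName") in TAMPER_EVENTS.get(r.get("eventSource"), ()):
            # A missing errorCode means the call succeeded; a present one is a failed attempt.
            findings.append((r.get("eventTime"), r.get("awsRegion"), principal_of(r)[1],
                             r.get("eventName"), r.get("errorCode", "succeeded")))
    return by_type, findings

if __name__ == "__main__":
    counts, hits = review(SAMPLE_LOG)
    print(dict(counts))
    for hit in hits:
        print(hit)
```

The region column matters here because AWS Config is regional: a recorder change in a region other than the one used for the lab is worth a second look.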