AWS CloudTrail | Applying a Trail to all Regions Flashcards
Where are my log files stored and processed before they are delivered to my Amazon S3 bucket?
Applying a Trail to all Regions
AWS CloudTrail | Management Tools
Activity information for services with regional endpoints (EC2, RDS, etc.) is captured and processed in the same region in which the action is made, and delivered to the region associated with your Amazon S3 bucket. Action information for services with single endpoints (IAM, STS, etc.) is captured in the region where the endpoint is located, processed in the region where the CloudTrail trail is configured, and delivered to the region associated with your Amazon S3 bucket.
What is applying a trail to all regions?
Applying a trail to all regions refers to creating a trail that will record AWS account activity in all regions. This setting also applies to any new regions that are added. For more details on regions and partitions, refer to the Amazon Resource Names and AWS Service Namespaces page.
What are the benefits of applying a trail to all regions?
You can create and manage a trail across all regions in the partition in one API call or a few clicks. You will receive a record of account activity made in your AWS account across all regions in one S3 bucket or CloudWatch Logs log group. When AWS launches a new region, you will receive the log files containing event history for the new region without taking any action.
How do I apply a trail to all regions?
In the CloudTrail console, select Yes for the apply to all regions option on the trail configuration page. If you are using the SDKs or the AWS CLI, set IsMultiRegionTrail to true.
What happens when I apply a trail to all regions?
Once you apply a trail to all regions, CloudTrail will create a new trail in all regions by replicating the trail configuration. CloudTrail will record and process the log files in each region and will deliver log files containing account activity across all AWS regions to a single S3 bucket and a single CloudWatch Logs log group. If you specified an optional SNS topic, CloudTrail will deliver SNS notifications for all log files delivered to a single SNS topic.
Can I apply an existing trail to all regions?
Yes. You can apply an existing trail to all regions. When you apply an existing trail to all regions, CloudTrail will create a new trail for you in all regions. If you previously created trails in other regions, you can view, edit, and delete those trails from the CloudTrail console.