AWS CloudTrail | Data Events Flashcards
What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?
Data Events
AWS CloudTrail | Management Tools
CloudTrail log files are delivered in accordance with the S3 bucket policies that you have in place. If the bucket policies are misconfigured, CloudTrail will not be able to deliver log files.
What are Data events?
Data events provide insights into the resource (“data plane”) operations performed on or within the resource itself. Data events are often high-volume activities and include operations such as Amazon S3 object-level APIs and the Lambda function invoke API. Data events are disabled by default when you configure a trail. To record CloudTrail data events, you must explicitly add the supported resources or resource types you want to collect activity on. Unlike management events, data events incur additional costs. For more information, see CloudTrail pricing.
How can I consume Data events?
Data events that are recorded by AWS CloudTrail are delivered to S3, similar to management events. Once enabled, these events are also available in Amazon CloudWatch Events.
What are Amazon S3 Data events? How do I record them?
Amazon S3 data events represent API activity on Amazon S3 objects. To get CloudTrail to record these actions, you specify an S3 bucket in the data events section when creating a new trail or modifying an existing one. Any API actions on the objects within the specified S3 bucket are recorded by CloudTrail.