AWS CloudTrail | Data Events Flashcards

1
Q

What happens if CloudTrail is turned on for my account but my Amazon S3 bucket is not configured with the correct policy?

Data Events

AWS CloudTrail | Management Tools

A

CloudTrail log files are delivered in accordance with the S3 bucket policies that you have in place. If the bucket policies are misconfigured, CloudTrail will not be able to deliver log files.

2
Q

What are Data events?

A

Data events provide insights into the resource (“data plane”) operations performed on or within the resource itself. Data events are often high-volume activities and include operations such as Amazon S3 object-level APIs and the Lambda function invoke API. Data events are disabled by default when you configure a trail. To record CloudTrail data events, you must explicitly add the supported resources or resource types you want to collect activity on. Unlike management events, data events incur additional costs. For more information, see CloudTrail pricing.

3
Q

How can I consume Data events?

A

Data events that are recorded by AWS CloudTrail are delivered to S3, similar to management events. Once enabled, these events are also available in Amazon CloudWatch Events.

4
Q

What are Amazon S3 Data events? How do I record them?

A

Amazon S3 data events represent API activity on Amazon S3 objects. To get CloudTrail to record these actions, you specify an S3 bucket in the data events section when creating a new trail or modifying an existing one. Any API actions on the objects within the specified S3 bucket are recorded by CloudTrail.
