AWS CloudTrail | Getting Started Flashcards

1
Q

Who should use CloudTrail?

Getting Started

AWS CloudTrail | Management Tools

A

Customers who need to track changes to resources, answer simple questions about user activity, demonstrate compliance, troubleshoot, or perform security analysis should use CloudTrail.

2
Q

If I am a new AWS customer or existing AWS customer and don’t have CloudTrail set up, do I need to enable or set up anything to view my account activity?

A

No, nothing is required to begin viewing your account activity. You can use the AWS CloudTrail console or the AWS CLI to view up to the past 90 days of account activity.

3
Q

Does the CloudTrail Event History show all account activity within my account?

A

AWS CloudTrail will only show CloudTrail Event History results for the region you are currently viewing, for the last 90 days, and for the supported AWS services. These events are limited to management events with create, modify, and delete API calls and account activity. For a complete record of account activity, including all management events, data events, and read-only activity, you’ll need to configure a CloudTrail trail.

4
Q

What search filters can I use to view my account activity?

A

You can specify Time range and one of the following attributes: Event name, User name, Resource name, Event source, Event ID, and Resource type.

5
Q

Can I use the lookup-events CLI command even if I don’t have a trail configured?

A

Yes, you can visit the CloudTrail console or use the CloudTrail API/CLI and begin viewing the past 90 days of account activity.

6
Q

What additional CloudTrail features are available by setting up CloudTrail and creating a trail?

A

By setting up a CloudTrail trail you can deliver your CloudTrail events to Amazon S3, Amazon CloudWatch Logs, and Amazon CloudWatch Events. This enables you to leverage features to help you archive, analyze, and respond to changes in your AWS resources.

7
Q

Can I restrict access for users in my account from seeing the CloudTrail Event History?

A

Yes, CloudTrail integrates with AWS Identity and Access Management (IAM), which allows you to control access to CloudTrail and to other AWS resources that CloudTrail requires, including the ability to restrict permissions to view and search account activity. This is accomplished by removing “cloudtrail:LookupEvents” from the user's IAM policy, which then prevents that IAM user from viewing account activity.

8
Q

Is there any cost associated with CloudTrail Event History being enabled on my account upon creation?

A

There is no cost for viewing or searching account activity with CloudTrail Event History.
