Showing posts with label AWS CloudTrail. Show all posts
Showing posts with label AWS CloudTrail. Show all posts

Thursday, May 22, 2014

Amazon - AWS CloudTrail

1. AWS CloudTrail captures AWS API calls made by or on behalf of an AWS account and delivers log files to an Amazon S3 bucket that you specify. Using CloudTrail's console in the AWS Management Console, the AWS CLI, or the CloudTrail API, you create a trail, which specifies the bucket for log file delivery and storage. By default, your log files are encrypted using Amazon S3 server-side encryption (SSE).

2. You can identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred. You can integrate CloudTrail into applications using the API, automate trail creation for your organization, check the status of your trails, and control how administrators turn CloudTrail logging on and off.

3. CloudTrail typically delivers log files within 15 minutes of an API call. These log files contain API calls from all of the account's services that support CloudTrail.

4. (Optional) You create an Amazon SNS topic to which you subscribe for notifications that a new log file has arrived in your bucket. Amazon SNS can notify you in multiple ways, including programmatically using Amazon Simple Queue Service
You can aggregate log files from multiple AWS regions and multiple AWS accounts into a single Amazon S3 bucket

Price: There is no additional charge for CloudTrail, but standard rates for Amazon S3 and Amazon SNS apply.


Supported Services

Analytics

·         Amazon Elastic MapReduce
·         Amazon Kinesis

Application Services

·         Amazon Simple Workflow Service

Compute and Networking

·         AWS Direct Connect
·         Amazon Elastic Compute Cloud (EC2)
·         Elastic Load Balancing
·         Amazon Virtual Private Cloud

Database

·         Amazon Relational Database Service
·         Amazon Redshift

Deployment and Management

·         AWS CloudFormation
·         AWS CloudTrail
·         AWS Elastic Beanstalk
·         AWS Identity and Access Management
·         Amazon CloudWatch

Storage and Content Delivery

·         Amazon Elastic Block Store



Supported Regions
AWS CloudTrail supports the following endpoints:
Region Name
Region
Endpoint
Protocol
AWS Account ID
US East (Northern Virginia) Region
us-east-1
cloudtrail.us-east-1.amazonaws.com
HTTPS
086441151436
US West (Northern California) Region
us-west-1
cloudtrail.us-west-1.amazonaws.com
HTTPS
388731089494
US West (Oregon) Region
us-west-2
cloudtrail.us-west-2.amazonaws.com
HTTPS
113285607260
EU (Ireland) Region
eu-west-1
cloudtrail.eu-west-1.amazonaws.com
HTTPS
859597730677
Asia Pacific (Singapore) Region
ap-southeast-1
cloudtrail.ap-southeast-1.amazonaws.com
HTTPS
903692715234
Asia Pacific (Sydney) Region
ap-southeast-2
cloudtrail.ap-southeast-2.amazonaws.com
HTTPS
284668455005
Asia Pacific (Tokyo) Region
ap-northeast-1
cloudtrail.ap-northeast-1.amazonaws.com
HTTPS
216624486486
South America (Sao Paulo) Region
sa-east-1
cloudtrail.sa-east-1.amazonaws.com
HTTPS
814480443879