The AWS CloudTrail console now allows you to separately add data events and management events logging options, making it easy to customize your CloudTrail configuration. With data events logging, you can record all API actions on Amazon S3 Objects and receive detailed information such as the S3 object level API activity, AWS account of the caller, IAM user role of the caller, time of the API call, IP address of the API, and other details. With management events logging, you can record operations that occur on your AWS accounts and resources, such as administrative actions to create, delete, and modify EC2 instances or IAM activities.
Quelle: aws.amazon.com
Published by