AWS CloudTrail
What is AWS CloudTrail?
AWS CloudTrail is an application programming interface (API) call-recording and log-monitoring service offered by Amazon Web Services (AWS).
AWS CloudTrail enables AWS customers to record API calls, sending log files to Amazon Simple Storage Service (Amazon S3) buckets for storage. The service provides the following API activity data:
- The identity of an API caller.
- The time of an API call.
- The source of the IP address of an API caller.
- The request parameters.
- The response elements returned by the AWS service.
CloudTrail publishes a notification for each log file delivered, enabling users to take action upon log file delivery -- a process that takes about five minutes, according to AWS. It can also be configured to aggregate log files across multiple accounts so that log files are delivered to a single S3 bucket.
CloudTrail can facilitate regulatory compliance reporting for organizations that use AWS and need to track the API calls for one or more AWS accounts. The service can also be configured to support security information and event management platforms and resource management.
CloudTrail integrates with AWS services such as CloudWatch, Elasticsearch, Lambda, Simple Notification Service and Simple Queue Service, as well as third-party monitoring platforms.
There are some AWS API tools that CloudTrail does not work with, however, including Sumerian, WorkSpaces Application Manager, Deep Learning Amazon Machine Image, DeepComposer, DeepLens, DeepRacer and Snowmobile.
Editor's note: This article was written by Madelyn Bacon in 2016. TechTarget editors revised it in 2023 to improve the reader experience.