Logging IAM events with Cloud Trail

by Kieran, October 13, 2015

There may be occasions when someone has done something that they shouldn’t have in your AWS account. For example, they might have terminated an instance that they shouldn’t have, and you need to find out who it was.

To do this, open your AWS dashboard and click on “CloudTrail”:

  • Click “get started now”
  • Pick or create an S3 bucket in which you’ll store your logs
  • Click “Advanced”, click yes on SNS and enter a topic
  • Go to SNS in the menu
  • Click on topics
  • See the one you just created
  • Open it
  • Click create subscription
  • Create an email subscription to send out email notifications
  • Go back to CloudTrail and see the logs once they’ve been generated
  • When you open a log, you can see who carried out an action and which API keys were used
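
Reading a log by hand gets slow once the bucket fills up. The script below is an added example, not part of the original article: it reads a CloudTrail log file (gzipped JSON with a top-level `Records` array) and reports who made a given API call and with which access key. The sample records, account ID, user names, key IDs, IP addresses and instance IDs are constructed, and the function names are hypothetical.

```python
import gzip
import json

# Constructed sample in the CloudTrail log-file layout (a top-level "Records" array).
# Account ID, user names, key IDs, IPs and instance IDs are made up.
SAMPLE_LOG = {"Records": [
    {"eventTime": "2015-10-13T09:14:02Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice",
                      "accessKeyId": "AKIAEXAMPLEALICE0001"}},
    {"eventTime": "2015-10-13T09:15:40Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "TerminateInstances", "sourceIPAddress": "203.0.113.25",
     "userIdentity": {"type": "IAMUser", "userName": "bob",
                      "arn": "arn:aws:iam::111122223333:user/bob",
                      "accessKeyId": "AKIAEXAMPLEBOB000002"},
     "requestParameters": {"instancesSet": {"items": [
         {"instanceId": "i-0abc1234"}, {"instanceId": "i-0def5678"}]}}},
]}


def load_records(raw):
    """Accept the bytes of a CloudTrail log object, gzipped (as delivered to S3) or plain JSON."""
    if raw[:2] == b"\x1f\x8b":  # gzip magic bytes
        raw = gzip.decompress(raw)
    return json.loads(raw).get("Records", [])


def who_did(records, event_name, resource_id=None):
    """Return one row per matching event: when, who, which access key, from where."""
    hits = []
    for rec in records:
        if rec.get("eventName") != event_name:
            continue
        params = rec.get("requestParameters") or {}
        items = (params.get("instancesSet") or {}).get("items", [])
        ids = [i.get("instanceId") for i in items]
        if resource_id and resource_id not in ids:
            continue
        ident = rec.get("userIdentity", {})
        hits.append({"time": rec.get("eventTime"),
                     "who": ident.get("arn") or ident.get("type"),
                     "access_key": ident.get("accessKeyId"),
                     "source_ip": rec.get("sourceIPAddress"),
                     "instances": ids})
    return hits


if __name__ == "__main__":
    blob = gzip.compress(json.dumps(SAMPLE_LOG).encode())
    for row in who_did(load_records(blob), "TerminateInstances"):
        print(row)
```

To use it on a real log, pass the bytes of a file downloaded from the CloudTrail bucket to `load_records` in place of the constructed sample.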

This article was brought to you by Netshock. Netshock aim to provide technology guides and insight to our readers

About The Author
Kieran
My name is Kieran, I love to see how technology can drive business growth. I started the Netshock technology blog as a place to share my thoughts and experiences with a wider audience. I cover all sorts of topics, from marketing to development.