Logging and Monitoring
AWS Logging and Monitoring
- AWS CloudTrail logs every API call made on your AWS account.
- Analysing these logs will help in detecting potential malicious activities and unauthorised attempts on your account.
- CloudTrail logs can be configured to deliver the logs to AWS S3 for secure retention.
- Implement log file integrity to secure the logs.
- AWS Config can be used to record configurations and it’s change over time.
- Compliance rules can be defined to evaluate resource configuration against complaint standards.
- Automatic alerts can be configured to notify if there are any changes.
- AWS Config is set per region but can be aggregated across regions and accounts.
- The configuration data can be stored into S3 which is analysed by Athena.
- AWS Lambda can be configured for automated remediation of non-complaint resources.
- AWS CloudWatch provides real-time monitoring for AWS resources.
- CloudWatch provides you with below key features:
- Logs monitoring: Monitor store, search from AWS logs.
- Metrics monitoring: Collect and track metrics from different AWS services.
- Dashboard: Create custom dashboard to visualise data by filtering metrics.
- Setting up alarms and notifications for security incidents
- Configure alarms based on predefined threshold based on specific metric to identify any potential security breach.
- On reaching the threshold, AWS SNS, SES can be triggered to send notification to the team allowing them to respond promptly on the issue.
AWS Security Best Practices
The AWS Simple Storage Service (S3) is a cloud service provided by Amazon Web Services (AWS) to store your data securely. You can access this service through your IAM role or root user account. In this article, we’ll see different security measures to protect your data from fraudulent access using AWS Security Best Practices. Please note that, due to the extensive nature of security practices, we’ll cover a selection of key measures in this article.