Skip to main content
  1. Projects/
  2. AWS DevOps Pro Certification/
  3. 5: Security and Compliance/

3: Auditing

·1 min

Which services do we think of?

  • Config writes to s3
  • You can review changes in console
  • We can of course automate with SNS, lambda
  • Systems manager automations for auto-heal

What key services can analyze CloudTrail log files?

  • Quicksight
  • Athena
  • CloudWatch

How to set up auto-notify of config changes?

  • AWS Config + SNS (or lambda)

How to identify resources in acct that can be accessed externally?

  • IAM Access analyzer

What’s amazon quicksight?

  • Quick analysis, charting capabilities
  • BI service