Amazon Web Services (AWS) is a secure cloud service platform that offers compute power, database storage, content delivery, networking, and other functionality to help businesses scale and grow. It is one of the first cloud vendors to start services in the year 2006. It offers all 3 service models, namely IaaS, PaaS, and SaaS. Some of the notable domains in AWS are Compute, Migration, Storage, Network and Content Delivery, Management Tools, Database, Messaging, Security and Identity Compliance, and many more.
Amazon S3 is a simple and popular AWS service for storage. It replicates data by default across multiple facilities and charges per usage. It is deeply integrated with other AWS services. Buckets are logical storage units, and objects are the data added to a bucket. S3 assigns a storage class at the object level, which can save money by moving less frequently accessed objects to a colder storage class.
AWS CloudTrail is an AWS service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. It can log, continuously monitor, and retain account activity related to actions across AWS infrastructure.
Amazon Athena is a serverless solution and an effective data-processing tool. It has high availability by default and doesn't store data. It gives the ability to run SQL queries on top of files stored in S3.
Amazon QuickSight is a scalable, serverless, embeddable, machine-learning-powered business intelligence (BI) service that’s built for the cloud. With QuickSight, you can create and publish interactive BI dashboards that include insights that are powered by machine learning. QuickSight dashboards can be accessed from any device, and you can embed them into your applications, portals, and websites.
Click on trail
Make the changes below, keep the other settings as default, and click Next
Choosing Event Types
Management Events: Capture management operations such as starting an instance, deleting an instance, creating a bucket, deleting a bucket, and many similar events.
Data Events: Log activity on existing resources, such as someone deleting a bucket, changing the configuration of a resource, and many similar events.
Insights Events: Identify unusual activity. Events related to your account are unusual in different parts of the file bucket.
Clicking Data Event Source
CloudTrail stores the events in the above AWS service
Review and Create Trail
Creating IAM User
Configuring IAM User
Assign Permissions and click next
Review and Create User
Log in as the created user
Try making a change in CloudTrail: permission denied
Log out of the created user and log back in as the admin user
Go to the S3 CloudTrail bucket
Go to your region and date to find your log files, then click on one of the files
The file above is very difficult to read, so we use Athena below to simplify it.
The easiest way to create the Athena table is through CloudTrail
Go to the Event history of CloudTrail and click on the Athena table option
Select the S3 CloudTrail bucket created above
An Athena table is created from the above CloudTrail logs
Go to QuickSight
If it is a new account, you have to click Sign up and choose your plan. This is pretty basic, so choosing Standard is enough for this article. Give it an appropriate name and email address, and give it access to the Amazon S3 buckets of Athena and CloudTrail.
Click on Data sets, then click on Athena
Click on custom SQL, write down the query, and click on Confirm query
Visualisation result of denied count
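The custom SQL behind the denied-count visual is not reproduced on this page. The query below is an added example, not the author's own, of what such a data set could look like against the table CloudTrail generates for Athena. The table name `cloudtrail_logs_example_bucket` is a placeholder, and both the 7-day window and the choice of error-code patterns counted as "denied" are assumptions.

```sql
-- Added example: denied API calls per principal from the CloudTrail Athena table.
-- cloudtrail_logs_example_bucket is a placeholder; use the table name shown in
-- the Athena console for the table created from CloudTrail Event history.
SELECT
    useridentity.type      AS principal_type,
    useridentity.username  AS iam_user,        -- populated for IAM users
    useridentity.arn       AS principal_arn,   -- also identifies roles and root
    eventsource,                               -- service that rejected the call
    eventname,                                 -- API action that was attempted
    errorcode,
    sourceipaddress,
    COUNT(*)               AS denied_count,
    MIN(eventtime)         AS first_seen,      -- ISO 8601 strings sort correctly
    MAX(eventtime)         AS last_seen
FROM cloudtrail_logs_example_bucket
WHERE
    -- Assumption: these two patterns are what this example treats as "denied".
    (errorcode LIKE '%AccessDenied%'
     OR errorcode LIKE '%UnauthorizedOperation%')
    -- eventtime is stored as a string; the 7-day window is an assumed value.
    AND from_iso8601_timestamp(eventtime) >= current_timestamp - INTERVAL '7' DAY
GROUP BY
    useridentity.type,
    useridentity.username,
    useridentity.arn,
    eventsource,
    eventname,
    errorcode,
    sourceipaddress
ORDER BY denied_count DESC
```

In QuickSight, `denied_count` serves as the value field and `iam_user` or `eventname` as the grouping field for the visual. The restricted IAM user's rejected CloudTrail change from the earlier step should appear as a row with `eventsource` set to `cloudtrail.amazonaws.com`.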