Certified Security - Specialty

Sign Up Free or Log In to participate!

Remark: CloudTrail

Ryan stated in the lecture that CloudTrail Logs every API Call in your AWS Account, well that’s not quite correct as CloudTrail does not support every AWS Service nor does CloudTrail log every API Call for supported AWS Services.

1 Answers

According to Amazon; CloudTrail captures all API calls for Amazon EC2, Amazon EBS, and Amazon VPC as events, including calls from the console and from code calls to the APIs


I guess it’s possible it might not cover all APIs looking at the pace AWS deploy newer services but for the exams or now, there is no service on AWS that captures API logs better than cloudtrail.


Well that’s a completely different statement. And I totally agree with that, CloudTrail is the go to service for auditlogging on AWS without a question. I just wanted to state that the statement every call is logged is not quite true and might become a pain point if someone relies on that.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?