@Ryan, I found another AWS article with a solution for monitoring root account usage. This article was written in 2017 and it looks like the outcome is similar to the one provided in your video. What do you think will be the best solution to use? Thanks!
Hi, which article are you talking about? if you share it we might be able to answer.
"Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail event logs, and DNS logs."
So in essence we are setting a CloudTrial event and AWS suggester to monitor it via Guardduty