Monitoring, Auditing, and Logging Users and Resource Usage in AWS IAM

In this hands-on lab scenario, you are a security engineer working for a new startup that’s launching an online bookstore for rare and antique books. The founder, Kia, needs your help with monitoring and auditing the activities in her account. In order to provide access and ensure the proper security measures are in place, you will use AWS Identity & Access Management (IAM) and AWS CloudTrail. You will provide Kia with the credential report, the details from the Access Advisor tab, and you will create a trail using CloudTrail.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Generate a Credential Report

Log in to the AWS Management Console.
Access Identity & Access Management (IAM).
Click Credential Report.
Download the report and open it.

Utilize the Access Advisor Tab

Log in to the AWS Management Console.
Access Identity & Access Management (IAM).
Access the developer-1 user.
Review the details of the Access Advisor tab.

Create a Trail using CloudTrail

Log in to the AWS Management Console.
Access CloudTrail.
Review the event history for the account.
Create a trail that logs to an Amazon S3 bucket.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Monitoring, Auditing, and Logging Users and Resource Usage in AWS IAM

About this Hands-on Lab

Learning Objectives

Additional Resources

What are Hands-on Labs

Newsletter