Read the article to know the method to deploy AWS CloudTrail with S3 Bucket. Bobcares, as a part of our AWS Support Services, offers solutions to every query that comes our way.

How to deploy AWS CloudTrail with S3 Bucket?

AWS CloudTrail is an AWS service that helps users enable the operational and risk monitoring, management, and adherence of the AWS account. Events in CloudTrail are actions of a user, role, or AWS service. Let’s look into the steps to deploy AWS CloudTrail with S3 Bucket:

1. Firstly, log in to the AWS account.
2. Choose Services >> CloudTrail.
3. Go to the CloudTrail console and create a Trail. The first thing to note is that logs are sent to the S3 bucket, so if we don’t already have one, it will create one by default. In order to select a different or additional bucket, we must select the full create trail workflow.

   So, the first method is to use the default process, in which we simply enter the CloudTrail name, trail bucket, and folder. The second option is to click on Create Trail workflow and go through the steps to customize it. So, let’s click on this, and we’ll be now on a full workflow for creating a Trail, where we’ll enter the trail name and a display name for the trail.
4. Now choose the storage location “Create new S3 bucket.”
5. Enable the log file encryption using the Log file SSE-KMS encryption option.
6. Enable the SNS notifications to trigger actions such as sending emails or messages. If we do this, we must create a new SNS topic or use an existing one.
7. We can now enable log monitoring using CloudWatch log groups. If we already have a log group, we can use it; otherwise, we can create a new one. Tag is completely optional. Click Next.
8. It’s time to select log events. There are three types of events: Management events, Data events, and Insight events. Here, we select Management events. Here, we have two options Read and Write API activity. Click on Next.
9. So, simply review and confirm the details to create the trail before clicking on the Create Trail button.

The trail is now formed, the multi-region trail is enabled, insights Cloudtrail is disabled, and this is the Cloudtrail event log that we are gathering here this is the S3 bucket, So you can just right-click on this and we can see the S3 bucket.

[Need help with another query? We’re here to help.]

Conclusion

To conclude, we present the methods from our Support team on how to deploy AWS CloudTrail with an S3 bucket and we can also adjust the customization as per the requirements.