https://cramsession.net/index.php?action=history&feed=atom&title=AWS_-_CloudtrailAWS - Cloudtrail - Revision history2026-05-26T23:03:33ZRevision history for this page on the wikiMediaWiki 1.41.1https://cramsession.net/index.php?title=AWS_-_Cloudtrail&diff=1343&oldid=prevMflavell: Created page with " Cloudtrail should be configured to capture every API call. Coundtrail may be the first target of a bad actor: ** Disablining cloud trail is often a top prioirty of bad actors to "cover their trcks" ** The best way to prevent manimulation of log files is through the use of an SCP - Service control policy. *** The SCP can be pushed down from the top if multiple accounts are involced. Another method is to stop the ability to turn off cloudtrail: ** This is done by c..."2026-02-09T16:04:21Z<p>Created page with " Cloudtrail should be configured to capture every API call. Coundtrail may be the first target of a bad actor: ** Disablining cloud trail is often a top prioirty of bad actors to "cover their trcks" ** The best way to prevent manimulation of log files is through the use of an SCP - Service control policy. *** The SCP can be pushed down from the top if multiple accounts are involced. Another method is to stop the ability to turn off cloudtrail: ** This is done by c..."</p>
<p><b>New page</b></p><div><br />
Cloudtrail should be configured to capture every API call.<br />
<br />
Coundtrail may be the first target of a bad actor:<br />
<br />
** Disablining cloud trail is often a top prioirty of bad actors to "cover their trcks"<br />
<br />
** The best way to prevent manimulation of log files is through the use of an SCP - Service control policy.<br />
<br />
*** The SCP can be pushed down from the top if multiple accounts are involced.<br />
<br />
<br />
Another method is to stop the ability to turn off cloudtrail:<br />
<br />
** This is done by choosing YES to "enable log file validtion" when you crete or update a cloud trail.</div>Mflavell