HiveBrain v1.2.0
Get Started
← Back to all entries
snippetModerate

How to track changes to AWS settings?

Submitted by: @import:stackexchange-devops··
0
Viewed 0 times
settingstrackchangesawshow

Problem

Is there a way to track changes we make to the AWS system?

For example, changes to a subnet setting, from using nat to iwg - these display a message, and then disappear.

Is there a way to get AWS to create a log so that one can track which changes were made to what and when?

The closest thing we have now is the ElasticBeanstalk events - but even that only tells you what AWS did, not which settings were changed to cause the events.

Solution

AWS has the CloudTrail service that tracks most of the API calls done in your account. Then stores these in files in your specified S3 bucket.

https://aws.amazon.com/cloudtrail/

Using CloudTrail you can see who, or which service, called which change - in many cases also including which arguments were used.

Unfortunately it doesn't support ALL services at the moment.

Context

StackExchange DevOps Q#1160, answer score: 12

Revisions (0)

No revisions yet.