Here's a list of a few essential tips and best practices that you ought to keep in mind when working with AWS CloudTrail, AWS Config, and security in general:
- Analyze and audit security configurations periodically: Although AWS provides a variety of services for safeguarding your cloud environment, it is the organization's mandate to ensure that the security rules are enforced and periodically verified against any potential misconfigurations.
- Complete audit trail for all users: Ensure that all resource creation, modifications, and terminations are tracked minutely for each user, including root, IAM, and federated users.
- Enable CloudTrail globally: By enabling logging at a global level, CloudTrail can essentially capture logs for all AWS services, including the global ones such as IAM, CloudFront, and so on.
- Enable CloudTrail Log file validation: An optional setting, however it is always recommended to enable CloudTrail Log file validations for an added layer of integrity...