Guides

AWS Activity Help

Suggest Edits

Introduction

This user guide can be used as a self-help tool to help troubleshoot any issues users encounter during post-onboarding when configuring activity for AWS cloud accounts.

AWS activity can be tracked through AWS CloudTrail, a cloud service that helps you enable operational and risk auditing, governance, and compliance of your AWS cloud account(s).

AWS Activity – Enabling an Existing CloudTrail

If you already have an existing CloudTrail selected for an AWS cloud account in the platform, you should be all set to receive activity information. But if CloudTrail is ever in the stop logging state, you may not be able to pull any information.

To overcome this issue, you need to enable logging on the same CloudTrail that was chosen in a particular region during the post-onboarding configuration steps to start receiving activity updates.

To enable logging:

  1. In the AWS portal, click CloudTrail > Trails.

  2. On the top-right side of the screen, click Start logging.

  3. Once the required configurations in the AWS portal are done, you can return to the platform and go to the Account Governance Dashboard, then click Edit on the cloud account for which you want to complete the setup.

    The Advanced Settings page of the selected cloud account appears.

  4. In the Governance Configuration section, click Edit.

  5. On the Cloud Account Governance page, you may now proceed to complete the configurations for post-onboarding process.

AWS Activity – Creating a New CloudTrail

CloudTrail should be enabled by default for the resources running in your AWS account.

However, if there is a quota limit issue with CloudTrail in your AWS account, then you might prefer to choose another existing Trail for your onboarded AWS cloud accounts, or to delete one of your existing Trails in AWS and create a new one through the platform or the AWS portal.

To create a new CloudTrail:

  1. Depending on your needs, login to your AWS portal and navigate to the CloudTrail section. Here you can either:
    a. Identify another existing CloudTrail to use for your onboarded cloud account and take note of its details.
    b. Delete and/or create a new CloudTrail to use for your onboarded cloud account (instructions for creating a new CloudTrail can be found here).

  2. Once the required configurations in the AWS portal are done, you can return to the platform and on the Account Governance Dashboard, click Edit corresponding to the service account for which you want to complete the setup.

The Advanced Settings page of the selected cloud account appears.

  1. In the Governance Configuration section, click Edit.

  2. On the Cloud Account Governance page, complete the configurations for post-onboarding process. Here, you can select to use either another existing CloudTrail or a new CloudTrail you created.

Updated 5 months ago