Summary and Quiz

Get a refresher of what you’ve learned in the “Monitoring and Auditing” section, and take a short quiz to validate your knowledge.

In this lesson, we’ll summarize what we’ve learned so far in this chapter and test our knowledge of the AWS services we learned about with a short quiz.

Summary

Here’s a summary of the most important key takeaways from this chapter:

AWS CloudWatch

  • CloudWatch: CloudWatch provides observability by tracking metrics and insights from AWS resources. These metrics are time-ordered data points reflecting the operational state of resources.

  • CloudWatch Logs and alarms: CloudWatch offers centralized logging (CloudWatch Logs) for analyzing log files from various AWS resources. It also lets us set up CloudWatch alarms, which are triggered when a metric crosses a predefined threshold and can in turn initiate CloudWatch events.

  • Key features in CloudWatch: Here are the most important features of CloudWatch:

    • Metrics: Quantifiable measures for tracking resource or service status.

    • CloudWatch Logs: Real-time log data for performance and operational issue analysis.

    • Alarms: Monitor various metrics and respond to changes.

    • Events: Trigger actions in response to operational changes.

    • CloudWatch agent: Collects system-level metrics from EC2 and other resources.

  • Cost considerations: CloudWatch has a free tier but also offers paid features like detailed monitoring of custom and high-resolution metrics. Costs are also incurred for creating dashboards, alarms, log data ingestion, data transfer, and API calls.
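As an added illustration (not code from the lesson), the following Python models how an alarm evaluates time-ordered datapoints: raw samples are aggregated per period with a statistic, and the alarm enters ALARM only when enough of the last N datapoints breach the threshold, so a single good datapoint does not clear an M-of-N alarm. The CPUUtilization samples are constructed, and treating a period without data as not breaching is a simplification of the real TreatMissingData setting.

```python
from collections import defaultdict
from statistics import mean

# Constructed CPUUtilization samples (unix time in seconds, percent) for one EC2 instance.
SAMPLES = [(0, 40.0), (30, 45.0), (60, 91.0), (90, 95.0), (120, 88.0), (150, 97.0),
           (180, 93.0), (210, 99.0), (240, 20.0), (270, 25.0)]

COMPARATORS = {
    "GreaterThanThreshold": lambda v, t: v > t,
    "GreaterThanOrEqualToThreshold": lambda v, t: v >= t,
    "LessThanThreshold": lambda v, t: v < t,
    "LessThanOrEqualToThreshold": lambda v, t: v <= t,
}
STATISTICS = {"Average": mean, "Maximum": max, "Minimum": min, "Sum": sum, "SampleCount": len}

def aggregate(samples, period):
    """Bucket raw samples into fixed periods (seconds), as CloudWatch does before evaluating."""
    buckets = defaultdict(list)
    for ts, value in samples:
        buckets[ts // period * period].append(value)
    return buckets  # period start -> raw values that fell into that period

def evaluate_alarm(samples, *, period, statistic, threshold, comparison,
                   evaluation_periods, datapoints_to_alarm=None):
    """Return 'ALARM' when at least datapoints_to_alarm of the last evaluation_periods
    datapoints breach the threshold, otherwise 'OK'. A period with no samples counts as
    not breaching here (simplified model of CloudWatch's TreatMissingData)."""
    datapoints_to_alarm = datapoints_to_alarm or evaluation_periods
    buckets = aggregate(samples, period)
    latest_start = max(buckets)
    starts = [latest_start - i * period for i in range(evaluation_periods)]
    breaching = 0
    for start in starts:
        if start in buckets:
            value = STATISTICS[statistic](buckets[start])
            if COMPARATORS[comparison](value, threshold):
                breaching += 1
    return "ALARM" if breaching >= datapoints_to_alarm else "OK"
```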

AWS CloudTrail

  • AWS CloudTrail: AWS CloudTrail is essential for tracking user and service activities within AWS, helping in auditing, validating compliance, identifying security breaches, and troubleshooting operational issues.

  • CloudTrail event: A CloudTrail event is any action taken within our account. CloudTrail records these actions as events in its logs. CloudTrail events are of the following types:

    • Management events: Operations performed on AWS resources.

    • Data events: Object-level actions within AWS services like S3 or Lambda.

    • CloudTrail Insight events: Unusual activities detected based on established baselines.

  • CloudTrail services: CloudTrail is an expansive service that we can break into the following sub-services:

    • Event History: CloudTrail Event History is for viewing recent activity history in our AWS account.

    • CloudTrail Lake: CloudTrail Lake is a comprehensive audit and security data lake for aggregating and querying event data.

    • CloudTrail trails: CloudTrail Trails are configurations that define what events are recorded and where they are stored.

    • CloudTrail Insights: CloudTrail Insights are used to detect and notify about unusual account activities with the help of artificial intelligence.

  • CloudTrail integration with other services: CloudTrail integrates with services such as AWS EventBridge, CloudWatch, SNS, S3 and S3 Glacier, AWS Athena, and Elasticsearch for enhanced monitoring, logging, and analysis.

  • Cost considerations:

    • CloudTrail Event History is free for the latest 90 days of data.

    • Costs for CloudTrail Lake and trails vary based on usage.

    • CloudTrail Insights incurs charges based on analyzed write management events.

AWS Config

  • AWS Config: AWS Config is instrumental in auditing and ensuring compliance of AWS resources, monitoring configuration changes, and facilitating remediation actions.

  • Operational scope: AWS Config operates on a per-region basis but can aggregate results across regions and AWS accounts. It tracks compliance, configuration changes, and API calls of supported AWS resources.

  • Key features in Config: Here are the most important features of Config:

    • Configuration recorder: Continuously records AWS resource configurations.

    • Configuration items: Records of an AWS resource’s configuration at a specific moment, including metadata.

    • Configuration history: A chronological record of a resource’s configuration items.

    • Config rules: Define the compliance conditions that resources must meet.

  • Remediation actions: Automated or manual actions triggered by configuration changes violating Config rules. Remediation can use AWS Systems Manager or invoke AWS Lambda functions.

  • Conformance packs: Collections of Config rules and associated remediation actions managed as a single entity across regions and accounts.

  • Cost considerations: Costs are based on the number of configuration items recorded, with more frequent changes leading to more items and higher costs.

Service comparison

  • Comparing CloudWatch, CloudTrail, and Config:

    • CloudWatch is proactive, with alerts and automated responses to performance issues.

    • CloudTrail and Config are reactive, providing insights after events for troubleshooting and security analysis.

  • Example service usage: In an example scenario where we host a website on EC2 instances:

    • CloudWatch tracks server metrics and sets alarms for performance management.

    • CloudTrail logs user activities like instance start/stop or setting modifications.

    • AWS Config reviews historical configurations and checks compliance with organizational policies.
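As an added example (not code from the lesson), this Python script classifies constructed CloudTrail records by event category and extracts the EC2 state and setting changes the scenario above mentions, attributing each to the principal and source address in the record. Field names follow CloudTrail's record format; every value is made up for the example.

```python
import json
from collections import Counter
# Constructed sample log in the shape CloudTrail delivers ({"Records": [...]}).
# Field names are CloudTrail's; every value below is made up for this example.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-10T09:12:31Z", "eventSource": "ec2.amazonaws.com", "eventName": "StopInstances",
     "eventCategory": "Management", "readOnly": False, "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "requestParameters": {"instancesSet": {"items": [{"instanceId": "i-0aaa111"}]}}},
    {"eventTime": "2024-01-10T09:15:02Z", "eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
     "eventCategory": "Management", "readOnly": True, "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}, "requestParameters": None},
    {"eventTime": "2024-01-10T09:20:45Z", "eventSource": "ec2.amazonaws.com", "eventName": "ModifyInstanceAttribute",
     "eventCategory": "Management", "readOnly": False, "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "AssumedRole", "arn": "arn:aws:sts::111122223333:assumed-role/Deploy/ci"},
     "requestParameters": {"instanceId": "i-0aaa111", "instanceType": {"value": "t3.large"}}},
    {"eventTime": "2024-01-10T09:21:10Z", "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "eventCategory": "Data", "readOnly": True, "sourceIPAddress": "198.51.100.9",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "requestParameters": {"bucketName": "example-site-assets", "key": "index.html"}},
]})

# EC2 write actions the scenario calls out: instance start/stop and setting modifications.
EC2_CHANGE_EVENTS = {"StartInstances", "StopInstances", "TerminateInstances", "ModifyInstanceAttribute"}

def load_records(log_text):
    return json.loads(log_text)["Records"]

def count_by_category(records):
    # CloudTrail categories are Management, Data and Insight.
    return Counter(r.get("eventCategory", "Unknown") for r in records)

def actor(record):
    """Principal behind an event: IAM user name, else the identity ARN (e.g. an assumed role)."""
    ident = record.get("userIdentity") or {}
    return ident.get("userName") or ident.get("arn") or "unknown"

def instance_ids(record):
    """Instance IDs from either request shape EC2 uses (single instanceId or instancesSet)."""
    params = record.get("requestParameters") or {}
    if "instanceId" in params:
        return [params["instanceId"]]
    return [i["instanceId"] for i in params.get("instancesSet", {}).get("items", [])]

def ec2_changes(records):
    """Non-read-only EC2 management events that change instance state or settings."""
    return [(r["eventTime"], actor(r), r["eventName"], instance_ids(r), r["sourceIPAddress"])
            for r in records if r.get("eventCategory") == "Management" and not r.get("readOnly")
            and r.get("eventSource") == "ec2.amazonaws.com" and r["eventName"] in EC2_CHANGE_EVENTS]
```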

Test your knowledge

Take a short quiz to validate that knowledge and to make sure you’ve not missed out on anything:

1. What is the primary purpose of Amazon CloudWatch?

   A) To deploy new AWS services.
   B) To monitor cloud and on-premises resources.
   C) To increase the storage capacity of AWS services.
   D) To manage user access to AWS services.

Congratulations! We’ve successfully gone through the essential concepts of the AWS CloudWatch, AWS CloudTrail, and AWS Config services for Monitoring and Auditing and refreshed our knowledge of them.