AWS CloudWatch
AWS CloudWatch is a suite of monitoring tools built into one AWS service, reporting on the health and performance of your AWS resources and applications.
With CloudWatch, you can collect and track metrics, collect and monitor log files, and set alarms.
CloudWatch delivers metric data in 5-minute periods for basic monitoring and 1-minute periods for detailed monitoring.
AWS Inspector
An automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
It uses an agent installed on the EC2 instance, running at the operating-system level.
AWS Trusted Advisor
A global service that provides real-time guidance to help you provision your resources following AWS best practices. It helps you run security checks, reduce cost, increase performance, and improve security.
AWS CloudTrail
AWS CloudTrail is a log of every single API call that has taken place inside your Amazon environment.
CloudTrail logs information on who made a request, the services used, the actions performed, parameters for the actions, and the response elements returned by the AWS service.
By default, trails log management events, but not data or Insights events.
By default, CloudTrail delivers an event within 15 minutes of the API call.
A trail is a configuration that enables delivery of CloudTrail events to an Amazon S3 bucket, CloudWatch Logs, and CloudWatch Events.
You can create two types of trails for an AWS account: a trail that applies to all regions, or a trail that applies to one region. By default, when you create a trail in the console, the trail applies to all regions.
CloudTrail event history provides a viewable, searchable, and downloadable record of the past 90 days of CloudTrail events.
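The fields listed above (who made the request, the service, the action, its parameters, and the response elements) are all present in each record of a CloudTrail log file. The following is an added example, not code from the original page or from AWS: it parses a constructed CloudTrail log file in the `Records` array layout, pulls out those fields, labels each record as a control-plane (management) or data-plane event from its `managementEvent` flag, and builds a who-did-what summary of the mutating calls. The account id, principal names, IP addresses, bucket and resource ids in the sample are made up.

```python
import json
from collections import Counter

# Constructed CloudTrail log file in the `Records` array layout that CloudTrail
# writes to S3. Account id, names, addresses and times are made up for this example.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventVersion": "1.08",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"},
     "eventTime": "2024-01-01T10:00:00Z",
     "eventSource": "iam.amazonaws.com", "eventName": "AttachRolePolicy",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"roleName": "AppRole",
                           "policyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"},
     "responseElements": None, "readOnly": False, "managementEvent": True},
    {"eventVersion": "1.08",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/AppRole/app-1",
                      "sessionContext": {"sessionIssuer": {"userName": "AppRole"}}},
     "eventTime": "2024-01-01T10:01:30Z",
     "eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "awsRegion": "us-east-1", "sourceIPAddress": "10.0.1.25",
     "requestParameters": {"bucketName": "example-data", "key": "reports/q1.csv"},
     "responseElements": None, "readOnly": True, "managementEvent": False},
    {"eventVersion": "1.08",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "eventTime": "2024-01-01T10:05:00Z",
     "eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
     "awsRegion": "us-east-1", "sourceIPAddress": "198.51.100.7",
     "requestParameters": None,
     "responseElements": {"ConsoleLogin": "Success"},
     "readOnly": False, "managementEvent": True},
    {"eventVersion": "1.08",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "arn": "arn:aws:iam::111122223333:user/alice"},
     "eventTime": "2024-01-01T10:07:12Z",
     "eventSource": "ec2.amazonaws.com", "eventName": "CreateSubnet",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"vpcId": "vpc-0123456789abcdef0", "cidrBlock": "10.0.2.0/24"},
     "responseElements": {"subnet": {"subnetId": "subnet-0abc1234def567890"}},
     "readOnly": False, "managementEvent": True},
]})


def load_records(text):
    """Parse one CloudTrail log file; each element of `Records` is one event."""
    return json.loads(text)["Records"]


def principal(identity):
    """Human-readable 'who' derived from the userIdentity block."""
    kind = identity.get("type")
    if kind == "IAMUser":
        return identity.get("userName", identity.get("arn"))
    if kind == "AssumedRole":
        issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
        return "role:" + issuer.get("userName", identity.get("arn", "?"))
    if kind == "Root":
        return "root"
    return identity.get("arn", "unknown")


def summarize(record):
    """The fields the notes list: who, which service, which action, with what
    parameters, what the service returned, plus control vs data plane."""
    return {
        "who": principal(record.get("userIdentity", {})),
        "service": record.get("eventSource", "").split(".")[0],
        "action": record.get("eventName"),
        "parameters": record.get("requestParameters") or {},
        "response": record.get("responseElements") or {},
        "source_ip": record.get("sourceIPAddress"),
        # Older record versions lack the flag; data events are opt-in, so a
        # missing flag is treated as a management event.
        "plane": "management" if record.get("managementEvent", True) else "data",
    }


def count_by_principal(records):
    """(who, action) counts: a quick who-did-what view over a log file."""
    return Counter((s["who"], s["action"]) for s in map(summarize, records))


def changes_by_principal(records):
    """Only mutating calls (readOnly false), grouped by principal."""
    out = {}
    for r in records:
        if not r.get("readOnly", False):
            s = summarize(r)
            out.setdefault(s["who"], []).append(s["action"])
    return out


if __name__ == "__main__":
    recs = load_records(SAMPLE_LOG)
    for s in map(summarize, recs):
        print(f"{s['who']:>12} {s['service']:>7} {s['action']:<17} {s['plane']}")
    print(changes_by_principal(recs))
```

The `GetObject` record is the only data-plane event in the sample; it would only appear in a real trail if S3 data events were enabled for that bucket, which is why `plane` defaults to management when the flag is absent.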
CloudTrail data events
Data events provide information about the resource operations performed on or in a resource. These are also known as data plane operations.
Example data events include:
- AWS S3/DynamoDB/RDS object-level API activities.
- AWS Lambda function execution activity (the Invoke API) and activity on S3 Object Lambda access points.
- Amazon Elastic Block Store (EBS) direct APIs.
Data events are not logged by default when you create a trail. To record CloudTrail data events, you must explicitly add to a trail the supported resources or resource types for which you want to collect activity.
Additional charges apply for logging data events.
CloudTrail management events
Management events provide information about management operations that are performed on resources in your AWS account. These are also known as control plane operations.
Example management events include:
- Configuring security (for example, IAM AttachRolePolicy API operations).
- Registering devices (for example, Amazon EC2 CreateDefaultVpc API operations).
- Configuring rules for routing data (for example, Amazon EC2 CreateSubnet API operations).
- Setting up logging (for example, AWS CloudTrail CreateTrail API operations).
- Non-API events that occur in your account (for example, log in).
Management events are viewable in the Event History with the CloudTrail console.
CloudTrail Insights events
CloudTrail Insights events capture unusual activity in your AWS account. Insights events are logged only when CloudTrail detects changes in your account's API usage that differ significantly from the account's typical usage patterns. They provide relevant information, such as the associated API, incident time, and statistics, that help you understand and act on unusual activity.
An example Insights event: your account typically logs no more than 20 Amazon S3 DeleteBucket API calls per minute, but it starts to log an average of 100 DeleteBucket API calls per minute. An Insights event is logged at the start of the unusual activity, and another Insights event is logged to mark its end.
Insights events are disabled by default when you create a trail. To record CloudTrail Insights events, you must explicitly enable Insights event collection on a new or existing trail.
Additional charges apply for logging CloudTrail Insights events.
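To make the paired start/end behaviour of Insights events concrete, here is an added example (not code from the page or from AWS) that walks a constructed per-minute series of one API's call counts, compares each minute against a baseline taken from the first minutes of the series, and emits one "start" event when the rate first exceeds the threshold and one "end" event when it falls back. The baseline and threshold logic is a simplified stand-in: CloudTrail's own statistical model is not described on the page, and the counts are made up.

```python
from statistics import mean

# Constructed per-minute counts of one API call (think s3:DeleteBucket) in one
# account: a quiet baseline, a burst, then quiet again. Made up for this example.
DELETE_BUCKET_PER_MINUTE = (
    [18, 20, 17, 19, 21, 20, 18, 19, 20, 20]   # minutes 0-9: typical usage
    + [95, 100, 105, 100, 98]                   # minutes 10-14: unusual burst
    + [20, 19, 21]                              # minutes 15-17: back to normal
)


def baseline_threshold(counts, window, factor):
    """Baseline rate from the first `window` minutes (assumed typical) and the
    threshold above which a minute counts as unusual. Simplified assumption,
    not CloudTrail's algorithm."""
    base = mean(counts[:window])
    return base, base * factor


def detect_insights(counts, window=10, factor=3.0):
    """Emit a 'start' event when the per-minute rate first exceeds the
    threshold and an 'end' event at the first minute it drops back, mirroring
    the paired Insights events the notes describe. If the series ends while
    still unusual, no 'end' event is emitted: the activity is still ongoing."""
    base, threshold = baseline_threshold(counts, window, factor)
    events, in_anomaly, burst = [], False, []
    for minute, count in enumerate(counts):
        if count > threshold and not in_anomaly:
            in_anomaly, burst = True, [count]
            events.append({"kind": "start", "minute": minute,
                           "baseline": round(base, 1), "rate": count})
        elif count > threshold:
            burst.append(count)  # still inside the unusual window
        elif in_anomaly:
            in_anomaly = False
            events.append({"kind": "end", "minute": minute,
                           "baseline": round(base, 1),
                           "avg_rate": round(mean(burst), 1)})
    return events


if __name__ == "__main__":
    for e in detect_insights(DELETE_BUCKET_PER_MINUTE):
        print(e)
```

On the sample series the baseline is 19.2 calls per minute, the threshold 57.6, so a start event is raised at minute 10 and an end event at minute 15 carrying the average burst rate of 99.6, which matches the "20 then 100 per minute" shape of the example in the notes.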
AWS Config
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. It provides a detailed view of the configuration of AWS resources and how they relate to each other in your AWS account. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
AWS Config Rules allow organizations to define a number of standards with which they would like their configurations to comply. Those rules can be set as Managed Rules.
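What "evaluating recorded configurations against desired configurations" means in practice is shown by this added example, which is not code from the page or from AWS Config itself. It runs two compliance checks over constructed configuration items in the shape Config records (`resourceType`, `resourceId`, `configuration` or `supplementaryConfiguration`): one flags security groups that admit TCP port 22 from anywhere, the other flags S3 buckets without versioning. The check names are borrowed from Config's managed rules `restricted-ssh` and `s3-bucket-versioning-enabled`, but the logic here is my own simplified version, the item layouts are assumed, and the resource ids and CIDRs are made up.

```python
# Constructed configuration items in the layout AWS Config records. Ids, names
# and CIDRs are made up; the field layout is an assumption for this example.
CONFIG_ITEMS = [
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-0aaa111122223333a",
     "configuration": {"groupName": "web", "ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
          "ipRanges": [{"cidrIp": "0.0.0.0/0"}]}]}},
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-0bbb111122223333b",
     "configuration": {"groupName": "admin", "ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipRanges": [{"cidrIp": "0.0.0.0/0"}]}]}},
    {"resourceType": "AWS::S3::Bucket", "resourceId": "example-logs",
     "supplementaryConfiguration": {
         "BucketVersioningConfiguration": {"status": "Enabled"}}},
    {"resourceType": "AWS::S3::Bucket", "resourceId": "example-scratch",
     "supplementaryConfiguration": {
         "BucketVersioningConfiguration": {"status": "Off"}}},
]


def ssh_not_open_to_world(item):
    """NON_COMPLIANT when any ingress rule admits port 22 from 0.0.0.0/0 or ::/0."""
    for perm in item.get("configuration", {}).get("ipPermissions", []):
        proto = perm.get("ipProtocol")
        if proto not in ("tcp", "-1"):       # "-1" means all protocols
            continue
        lo, hi = perm.get("fromPort", 0), perm.get("toPort", 65535)
        covers_22 = proto == "-1" or lo <= 22 <= hi
        world = [r["cidrIp"] for r in perm.get("ipRanges", [])
                 if r.get("cidrIp") == "0.0.0.0/0"]
        world += [r["cidrIpv6"] for r in perm.get("ipv6Ranges", [])
                  if r.get("cidrIpv6") == "::/0"]
        if covers_22 and world:
            return "NON_COMPLIANT", "port 22 open to " + ", ".join(world)
    return "COMPLIANT", "no world-open SSH rule"


def s3_versioning_enabled(item):
    """NON_COMPLIANT unless the bucket's versioning status is Enabled."""
    status = (item.get("supplementaryConfiguration", {})
              .get("BucketVersioningConfiguration", {}).get("status"))
    if status == "Enabled":
        return "COMPLIANT", "versioning enabled"
    return "NON_COMPLIANT", f"versioning status is {status}"


# Which checks apply to which resource type, keyed like Config rules are scoped.
RULES = {
    "AWS::EC2::SecurityGroup": [("restricted-ssh", ssh_not_open_to_world)],
    "AWS::S3::Bucket": [("s3-bucket-versioning-enabled", s3_versioning_enabled)],
}


def evaluate(items, rules=RULES):
    """One evaluation result per (rule, resource) pair, like Config's
    per-resource compliance view."""
    results = []
    for item in items:
        for name, check in rules.get(item["resourceType"], []):
            status, annotation = check(item)
            results.append({"rule": name, "resourceId": item["resourceId"],
                            "compliance": status, "annotation": annotation})
    return results


def noncompliant(items, rules=RULES):
    """(rule, resourceId) pairs that failed: the list you would alert on."""
    return [(r["rule"], r["resourceId"])
            for r in evaluate(items, rules) if r["compliance"] == "NON_COMPLIANT"]


if __name__ == "__main__":
    for r in evaluate(CONFIG_ITEMS):
        print(f"{r['rule']:<30} {r['resourceId']:<22} {r['compliance']:<14} {r['annotation']}")
```

Config runs the managed rules for you against the configuration items it records; the value of writing the checks out like this is seeing that a rule is nothing more than a function from one recorded configuration to COMPLIANT or NON_COMPLIANT plus an annotation, which is also the contract a custom rule Lambda fulfils.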
AWS CloudFormation
AWS CloudFormation is a service that provides an easy way to model a collection of related AWS and third-party resources. It is designed to allow resource lifecycles to be managed repeatably, predictably, and safely, while allowing for automatic rollbacks, automated state management, and management of resources across accounts and regions.
AWS CloudFormation supports Elastic Beanstalk application environments as one of the AWS resource types.
AWS Elastic Beanstalk
AWS Elastic Beanstalk is an easy-to-use service that automatically deploys web applications, handling everything from capacity provisioning, load balancing, and auto-scaling to application health monitoring.
Elastic Beanstalk uses CloudFormation to create and maintain resources.