Skip to main content

AWS Access Control Alerts with CloudWatch and CloudTrail

Hands-On Lab


Photo of

Training Architect





In this hands-on lab, we will create and configure a CloudTrail trail and a CloudWatch Logs log stream in order to set up monitoring and access alerts for an S3 bucket. Specifically, we'll create the trail for monitoring access to the S3 bucket, the CloudWatch Logs log stream to allow searching and filtering of the logs, and then a CloudWatch metric filter and alarm on that metric filter to generate an alert whenever there is any access to an S3 bucket.

This will demonstrate how to build effective monitoring and alerting with specific AWS API calls.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.