106

Describe AWS best practice for consolidating CouldTrail logs from different AWS accounts.

Steps to consolidate CloudTrail logs from different AWS accounts:

  • Create a dedicated AWS account for logs.
  • Create an S3 bucket in the log account.
  • Grant other accounts write-only access to the S3 bucket.
  • Configure CloudTrail to log activity from all accounts to the S3 bucket.
  • Enable CloudTrail log file integrity validation.
Submit