Enable AWS CloudTrail
- Sign in to the AWS Management Console and open the CloudTrail console at CloudTrail console
- Choose the region where you want the trail to be created
- Choose Get Started Now. If you do not see Get Started Now, choose Trails, and then choose Create trail
- On the Create Trail page, for Trail name, type a name for your trail
- For Management events, leave as default
- For Data events, leave as default
- For Storage location, Create a new S3 bucket, choose Yes
- For S3 bucket, type a name for the bucket you want to designate for log file storage
- Leave Advanced setting as default
- Choose Create
The new trail appears on the Trails page. The Trails page shows the trails in your account from all regions.
Enable AWS Config
- Sign in to the AWS Management Console and open the AWS Config console at AWS Config Console
- Ensure that you are in the Region where you want the workshop to run.
- Choose Get Started Now
- On the Settings page, for Resource types to record, under All resources
- Select Record all resources supported in this region
- Select Include global resources
- For Amazon S3 Bucket, select Create a new bucket – For Bucket Name, type a bucket name
- Choose a bucket from your account – For Bucket Name, choose your preferred bucket
- Choose a bucket from another account – For Bucket Name, type the bucket name
- Jump to AWS Config Role
- For AWS Config role, select Create a role. For Role name, leave as default. and select NEXT
- On AWS Config rules page select SKIP
AWS Config displays the Resource inventory page.
AWS config is configured now.