- In the AWS console, navigate to the CloudTrail service. If this is the first time you have configured CloudTrail, select Create a trail from the welcome screen. If you already have used CloudTrail in your environment, skip to step 3.
- From the “Quick Trail” configuration screen, select Create full trail.
- Open CloudTrail from the AWS console and select Create trail
- Enter the configuration for CloudWatch logs to enable sending CloudTrail logs to CloudWatch, allowing the service to create a service role to enable CloudTrail the permissions to put log data into the CloudWatch log group. Then click Next
- Select which types of CloudTrail events to log (Blumira Recommends: Management, Insights events, and Data events including S3, Lambda, and DynamoDB)
- Click Create trail
S3 Housekeeping Lifecycle Policy
- In the AWS console, go to S3 and select the S3 bucket created for CloudTrail logging. Select the management tab and click Create lifecycle rule
- Enter a name for the lifecycle rule and under Choose a rule scope, select the radio button to apply the rule to all objects in the bucket
- Set the lifecycle policy to expire current versions of objects and permanently delete any previous version of objects after 1 day, then click Create rule.
Now that you’ve configured AWS: CloudTrail for Blumira, continue to the next step in configuring AWS for Blumira – configure AWS: CloudWatch >