AWS CloudTrail

Track user activity and API usage on AWS and in hybrid and multicloud environments

One copy of management events delivered

with the AWS Free Tier 

Protect your organization from penalties using CloudTrail logs to prove compliance with regulations such as SOC, PCI, and HIPAA.

Improve your security posture by recording user activity and events, and set up automated workflow rules with Amazon EventBridge.

Capture and consolidate user activity and API usage across AWS Regions and accounts on a single, centrally controlled platform.

How it works

AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

Use cases

Multicloud and multisource

Ingest activity events from AWS and sources outside AWS, including other cloud providers, in-house applications, and SaaS applications running in the cloud or on premises.

Learn more about ingesting activity events >>

Audit activity

Immutably store audit-worthy events for seven years, and validate activity events for authenticity. Easily generate audit reports required by internal policies and external regulations.

Learn more about AWS CloudTrail Lake >>

Identify and analyze unusual activity

Detect unauthorized access and analyze activity logs using SQL-based queries. Respond with rules-based EventBridge alerts and automated workflows.

Learn more about insights and analytics >>

How to get started

Explore AWS CloudTrail features

Learn how to log, continuously monitor, and retain account activity related to actions across your AWS infrastructure.

Visit the features page »

Try the AWS Free Tier

Get one copy of ongoing management events delivered and the most recent 90-day event history and pay nothing.

Create a free account »

Connect with an expert

Get answers to all your CloudTrail questions.

Explore support options »

Explore more of AWS