CloudTrail

The CloudTrail provides centralized AWS CloudTrail trail management across multiple AWS accounts in your organization. From a single interface, you can create, monitor, edit, and delete trails that capture API activity across your entire AWS environment.

What is CloudTrail?

AWS CloudTrail records API calls and events across your AWS infrastructure. The Prism CloudTrail simplifies trail management by letting you deploy and manage trails across many AWS accounts simultaneously, rather than configuring each account individually through the AWS Console.

Key capabilities include:

• Multi-account trail deployment -- Create a single trail configuration and deploy it to dozens or hundreds of AWS accounts at once
• Centralized monitoring -- View the status of every trail and account from one dashboard, with real-time status polling
• Full event configuration -- Configure management events, data events, insight events, and network activity events
• S3 log storage -- Create new S3 buckets or use existing ones for centralized log storage
• Trail lifecycle management -- Edit, clone, and delete trails with full control over associated resources

Authentication

1. Navigate to your organization's Prism URL -- Open your organization's Prism URL in your browser (e.g., https://yourcompany.prism.cloudkeeper.com).
2. Authenticate -- Log in using one of the available methods:
   • SSO -- Click the SSO button (e.g., "Sign in with Google", "Sign in with Microsoft") to authenticate through your organization's identity provider.
   • Username and password -- Enter your Prism credentials directly.
3. Select the CloudTrail -- After authentication, you are redirected to the application selection screen. Click CloudTrail to access it.

info

CloudTrail access must be enabled for your account by an Admin in Preferences > Admin Management. Without this, you will not see the CloudTrail option.

Portal Navigation

The CloudTrail has two main sections accessible from the sidebar:

Section	Description
Trails	View and manage all existing CloudTrail trails
Create Trail	Launch the step-by-step wizard to create a new trail

Prerequisites

Before using the CloudTrail, ensure the following:

• Your organization has been onboarded to Prism by CloudKeeper
• CloudTrail access enabled for your account by an Admin in Preferences > Admin Management
• At least one AWS account is onboarded in Prism

Related Pages

• Trail List -- Managing your trails
• Create Trail -- Step-by-step trail creation wizard
• Trail Detail -- Viewing trail information and managing accounts
• Edit Trail -- Modifying an existing trail
• Events -- Understanding CloudTrail event types