AWS CloudTrail

Perch integrates with Amazon Web Services CloudTrail to ingest logs for all your Amazon services. You can configure your AWS CloudTrail to provide whichever logs you desire. You will need to create a user for Perch in AWS IAM so that your CloudTrail configuration can be accessed. Once the user is created, simply provide the credentials in your Perch Integration Settings and your logs will be collected automatically.

Getting started

  1. Go to the AWS CloudTrail settings in the Perch app.
  2. Create an IAM user with read-only access to AWS CloudTrail.
  3. Enter those credentials and enable AWS CloudTrail logging within Perch.

Create an IAM user for Perch

In order for Perch to access your AWS CloudTrail logs, you must explicitly grant permission to a user.

  1. Go to the Users section of AWS IAM.
  2. Click the blue “Add user” button.
  3. Give the user a name and select “Programmatic access.”
  4. Click the new “Next: Permissions” button.
  5. Select “Attach existing policies directly” and check “AWSCloudTrailReadOnlyAccess.”
  6. Finish the wizard and save the user’s credentials in a secure place for the next few steps.

[Screenshot: creating an IAM user]
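Before handing the access key to Perch, it is worth confirming that the policies attached to the new user grant nothing beyond read access. The following is an added example, not Perch or AWS code: the two policy documents are constructed samples, and the list of prefixes treated as read-only is an assumption of the example.

```python
import json

# Constructed sample policy documents (not copies of any AWS managed policy).
READ_ONLY_SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["cloudtrail:Get*", "cloudtrail:Describe*", "cloudtrail:List*",
                "cloudtrail:LookupEvents", "s3:GetObject", "s3:ListBucket"]}]})
TOO_BROAD_SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["cloudtrail:LookupEvents", "cloudtrail:*", "cloudtrail:StopLogging"]},
    {"Effect": "Deny", "Resource": "*", "Action": "cloudtrail:DeleteTrail"},
    {"Effect": "Allow", "Resource": "*", "NotAction": "iam:*"}]})

# Action-name prefixes this example treats as read-only (an assumption made
# for the example, not a list defined by AWS).
READ_PREFIXES = ("get", "list", "describe", "lookup")

def _as_list(value):
    """IAM accepts either one string or a list for Action and NotAction."""
    return [value] if isinstance(value, str) else list(value or [])

def non_read_only_grants(policy_json):
    """Return the Allow grants in a policy document that are not read-only."""
    findings = []
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may not be wrapped in a list
        statements = [statements]
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never widen access
        if "NotAction" in stmt:
            # Allow + NotAction grants every action except the ones listed.
            findings.append("NotAction:" + ",".join(_as_list(stmt["NotAction"])))
        for action in _as_list(stmt.get("Action")):
            # Action names are case-insensitive; "*" and "svc:*" have no read prefix.
            name = action.partition(":")[2].lower()
            if not name.startswith(READ_PREFIXES):
                findings.append(action)
    return findings

if __name__ == "__main__":
    for label, doc in (("read-only", READ_ONLY_SAMPLE), ("too broad", TOO_BROAD_SAMPLE)):
        print(label, "->", non_read_only_grants(doc) or "no write-capable grants")
```

The function takes the policy document as a JSON string, such as the `Document` returned by `aws iam get-policy-version`. An empty result means no statement allows anything outside the read-style prefixes.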

Configure Perch

  1. Install the AWS CloudTrail integration.
  2. Enter the credentials from AWS.
  3. Click “Save and Test.”
  4. Toggle “Enable AWS CloudTrail event log collection” and click “Save.”

Like all Perch integrations, you can enable or disable AWS CloudTrail log ingestion at any time by toggling the switch from “OFF” (gray) to “ON” (purple), or the other way around.

Configure AWS CloudTrail