CloudWatch vs CloudTrail vs AWS Config

CloudWatch

  • Purpose: Operational monitoring.
  • Focus: Performance metrics, application logs, alarms, and dashboards.
  • Typical Use: Detect performance issues, analyze trends, trigger alerts.

CloudTrail

  • Purpose: Security and audit logging.
  • Focus: Records who did what, when, and from where in your AWS environment.
  • Typical Use: Investigate changes, audit activity, enable forensic analysis.

AWS Config

  • Purpose: Configuration tracking and compliance.
  • Focus: Records what each resource's configuration is (and how it changed over time) and evaluates whether it meets compliance rules.
  • Typical Use: Maintain compliance posture, track resource configuration history, trigger remediations.

Example – Elastic Load Balancer

CloudWatch

  • Monitor key performance metrics such as request count, latency, and error codes.
  • Visualize metrics in dashboards for quick health assessment.
  • Set alarms to detect anomalies (e.g., high 5XX error rate).

AWS Config

  • Track configuration changes, including listener settings, security groups, and SSL certificates.
  • Evaluate compliance rules (e.g., enforce TLS 1.2 or newer).
  • Identify if insecure ports or public access are allowed.

CloudTrail

  • Log API calls related to ELB creation, deletion, or modification.
  • Identify who updated listener rules or target groups.
  • Investigate security incidents by reviewing API call history.
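The load balancer example above boils down to three different questions, one per service: "is it healthy?" (CloudWatch), "who changed it, when and from where?" (CloudTrail) and "what is it configured as, and is that compliant?" (AWS Config). The following Python is an added, offline illustration of each question being answered over sample records; it is not code from the original notes or from AWS. All three records are constructed for this example and use simplified versions of the real CloudTrail event, Config configuration item and CloudWatch datapoint shapes; the set of ELB write events and the TLS 1.2-or-newer policy allow-list are illustrative assumptions, not an authoritative list.

```python
"""Offline illustration of the question each AWS telemetry source answers for an
application load balancer. Every record below is constructed for this example."""
from datetime import datetime, timezone

# ---------- CloudWatch: operational health (metrics -> alarm) ----------
# Constructed datapoints for the ALB metric HTTPCode_ELB_5XX_Count, Sum
# statistic over 1-minute periods. Two consecutive spikes should raise an alarm.
FIVE_XX_DATAPOINTS = [3, 2, 45, 60, 1]


def cloudwatch_alarm_breached(datapoints, threshold=20, datapoints_to_alarm=2):
    """Mimic a CloudWatch alarm: ALARM when at least `datapoints_to_alarm`
    datapoints exceed `threshold` (no 'who' or 'what changed' here, only health)."""
    return sum(1 for value in datapoints if value > threshold) >= datapoints_to_alarm


# ---------- CloudTrail: who did what, when, and from where ----------
# Constructed management event (sample account id and IP are documentation ranges).
CLOUDTRAIL_EVENT = {
    "eventTime": "2024-05-01T10:15:00Z",
    "eventSource": "elasticloadbalancing.amazonaws.com",
    "eventName": "ModifyListener",
    "sourceIPAddress": "203.0.113.10",
    "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
    "requestParameters": {
        "listenerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:"
                       "listener/app/example-alb/0123456789abcdef/0123456789abcdef",
        "sslPolicy": "ELBSecurityPolicy-2016-08",
    },
}

# Assumed allow-list of ELB write calls worth a forensic summary (illustrative).
ELB_WRITE_EVENTS = {
    "CreateLoadBalancer", "DeleteLoadBalancer", "CreateListener", "ModifyListener",
    "DeleteListener", "ModifyTargetGroup", "SetSecurityGroups",
}


def summarize_elb_change(event):
    """Return a who/what/when/where summary for ELB write calls, else None."""
    if event.get("eventSource") != "elasticloadbalancing.amazonaws.com":
        return None
    if event.get("eventName") not in ELB_WRITE_EVENTS:
        return None
    when = datetime.strptime(event["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
    return {
        "who": event.get("userIdentity", {}).get("arn"),
        "what": event["eventName"],
        "when": when.replace(tzinfo=timezone.utc),
        "where": event.get("sourceIPAddress"),
        "params": event.get("requestParameters", {}),
    }


# ---------- AWS Config: what the configuration IS, and is it compliant ----------
# Constructed configuration item for the listener touched by the event above.
CONFIG_ITEM = {
    "resourceType": "AWS::ElasticLoadBalancingV2::Listener",
    "resourceId": CLOUDTRAIL_EVENT["requestParameters"]["listenerArn"],
    "configuration": {"protocol": "HTTPS", "port": 443,
                      "sslPolicy": "ELBSecurityPolicy-2016-08"},
}

# Assumed allow-list of predefined ELB security policies that negotiate only
# TLS 1.2 or newer; ELBSecurityPolicy-2016-08 still accepts TLS 1.0 and is excluded.
TLS12_OR_NEWER_POLICIES = {
    "ELBSecurityPolicy-TLS-1-2-2017-01",
    "ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
    "ELBSecurityPolicy-TLS13-1-2-2021-06",
}


def evaluate_listener(item):
    """Behave like a custom Config rule 'enforce TLS 1.2 or newer'.
    Returns (compliance_type, annotation)."""
    cfg = item["configuration"]
    if cfg.get("protocol") == "HTTP":
        return "NON_COMPLIANT", "plaintext HTTP listener"
    policy = cfg.get("sslPolicy")
    if policy not in TLS12_OR_NEWER_POLICIES:
        return "NON_COMPLIANT", f"ssl policy {policy} permits TLS older than 1.2"
    return "COMPLIANT", "listener negotiates TLS 1.2 or newer only"


def explain_noncompliance(event, item):
    """Join the two sources: Config says WHAT is wrong, CloudTrail says WHO did it."""
    verdict, reason = evaluate_listener(item)
    if verdict == "COMPLIANT":
        return None
    change = summarize_elb_change(event)
    if not change or change["params"].get("listenerArn") != item["resourceId"]:
        return f"{item['resourceId']}: {reason} (no matching CloudTrail change found)"
    return (f"{item['resourceId']}: {reason}; last changed by {change['who']} "
            f"via {change['what']} from {change['where']} at {change['when'].isoformat()}")


if __name__ == "__main__":
    print("CloudWatch alarm:", cloudwatch_alarm_breached(FIVE_XX_DATAPOINTS))
    print("CloudTrail:", summarize_elb_change(CLOUDTRAIL_EVENT))
    print("AWS Config:", evaluate_listener(CONFIG_ITEM))
    print(explain_noncompliance(CLOUDTRAIL_EVENT, CONFIG_ITEM))
```

The point of `explain_noncompliance` is the complementarity the notes describe: Config alone tells you the listener is out of policy, CloudTrail alone tells you an API call happened, and neither says anything about the 5XX spike that CloudWatch raised; an investigation uses all three.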