AWS CloudTrail is a web service developed to simplify and provide assistance with AWS accounts. Enabling compliance, governance, and operational and risk auditing, it allows users to monitor, log, and document AWS account-related activity in an easily searchable format. With its comprehensive account event history function, CloudTrail helps users analyze and troubleshoot security and operational issues, detect unusual account activity, and much more by increasing visibility into customers’ user and resource activity.
For huge analytical tables, Apache Iceberg is a high-performance format. Using Apache Iceberg, engines such as Spark, Trino, Flink, Presto, Hive and Impala can safely work with the same tables, at the same time, providing the reliability and simplicity of SQL tables to big data. With Apache Iceberg, you can merge new data, update existing rows, and delete specific rows. Data files can be eagerly rewritten or deleted deltas can be used to make updates faster.
1. First, navigate to the AWS Management Console and log in to your account.
2. Once logged in, search for the CloudTrail service and select it.
3. In the CloudTrail dashboard, select the Trails option from the left-hand menu.
4. Click on the name of the trail you want to use as your source connector.
5. In the trail details page, scroll down to the section labeled "Management events" and click on the "Edit" button.
6. In the "Data events" section, click on the "Add data event" button.
7. Select the type of data event you want to capture and configure the settings as needed.
8. Once you have configured the data event, click on the "Save" button to save your changes.
9. Next, navigate to the Airbyte dashboard and select the "Sources" option from the left-hand menu.
10. Click on the "Create a new source" button and select the AWS CloudTrail connector.
11. Enter your AWS access key ID and secret access key in the appropriate fields.
12. Enter the name of the S3 bucket where your CloudTrail logs are stored.
13. Enter the name of the CloudTrail trail you want to use as your source connector.
14. Click on the "Test" button to ensure that your credentials are valid and that Airbyte can connect to your CloudTrail logs.
15. Once the test is successful, click on the "Create" button to create your AWS CloudTrail source connector in Airbyte.
1. Open the Airbyte platform and navigate to the "Destinations" tab on the left-hand side of the screen.
2. Click on the "Apache Iceberg" destination connector and select "Create new connection."
3. Enter a name for your connection and provide the necessary credentials for your Apache Iceberg database, including the host, port, database name, username, and password.
4. Test the connection to ensure that it is successful. 5. Select the tables or data sources that you want to replicate to your Apache Iceberg database.
6. Configure any additional settings or options for your connection, such as the frequency of data replication or any transformations that you want to apply to your data.
7. Save your connection and start the replication process.
8. Monitor the progress of your data replication and troubleshoot any issues that may arise.
9. Once the replication process is complete, verify that your data has been successfully replicated to your Apache Iceberg database.
10. Use your Apache Iceberg database to analyze and query your data as needed.
With Airbyte, creating data pipelines take minutes, and the data integration possibilities are endless. Airbyte supports the largest catalog of API tools, databases, and files, among other sources. Airbyte's connectors are open-source, so you can add any custom objects to the connector, or even build a new connector from scratch without any local dev environment or any data engineer within 10 minutes with the no-code connector builder.
We look forward to seeing you make use of it! We invite you to join the conversation on our community Slack Channel, or sign up for our newsletter. You should also check out other Airbyte tutorials, and Airbyte’s content hub!
What should you do next?
Hope you enjoyed the reading. Here are the 3 ways we can help you in your data journey:
What should you do next?
Hope you enjoyed the reading. Here are the 3 ways we can help you in your data journey:
Ready to get started?
Frequently Asked Questions
AWS CloudTrail provides access to a wide range of data related to AWS account activity and resource usage. The following are the categories of data that can be accessed through the API:
1. Event history: This includes information about all the events that have occurred in an AWS account, such as API calls, console sign-ins, and resource changes.
2. Resource activity: This category includes data related to the usage of AWS resources, such as EC2 instances, S3 buckets, and RDS databases.
3. User activity: This category includes data related to user activity in an AWS account, such as user sign-ins, password changes, and access key usage.
4. Security analysis: This category includes data related to security events in an AWS account, such as failed login attempts, unauthorized access attempts, and changes to security groups.
5. Compliance auditing: This category includes data related to compliance auditing in an AWS account, such as changes to IAM policies, CloudTrail configuration changes, and VPC network changes.
Overall, the AWS CloudTrail API provides a comprehensive view of AWS account activity and resource usage, making it a valuable tool for monitoring and managing AWS environments.