DEV Community

Cover image for #40daysofHybridCloud (Day-3)
Sahil Kaushik
Sahil Kaushik

Posted on

#40daysofHybridCloud (Day-3)

#Day3

Alt Text

Today I got know one more service used in AWS and that is #CloudTrail

Q. What is CloudTrail and why it is used ?

Cloudtrail is a service in AWS which will help us record all the events performed by user , now of-course it require memory to store data which is also provided by AWS services like EBS and S3 which we will discuss further , as per now it's a user activity monitoring service.

it is easily found in Management and governance tab of services :-

Alt Text

Now to use cloudtrail through CLI mode .
Like very other services in AWS , Cloudtrail also have AWS commands which can be used to interact with cloudtrail.

some of cmd are shown below :-

Alt Text

let me give one example of execution of such command
aws cloudtrail looklup-events

used to look activities performed by user so far in json format.

Alt Text

As we have discussed there are different type storages in AWS that are S3 and EBS.

S3 is service in AWS which stores data in AWS in object format and have global access same as few others in market place like Dropbox and Swift in Openstack.

Discussing more about Block storage , there are two types of Block storage :-

  • Ephemeral storage

    Generally we install our OS on ephemeral storage which we also called as Root storage or drive , In this as soon as OS is removed data in the drive also get removed hence it is not reliable for storing important data like Web server or Databases .

  • Persistent storage

    on the other hand this storage is permanent and also more flexible it is like external pen-drive which can store the data and do not delete it as soon as OS get terminate and can be attached or detached according to more then one OS.

Again cloudtrail data can be stored in S3 as shown we have created a bucket in S3 where this data is present :-

Alt Text

At last we will talk about Firewall in AWS.

Firewall is a part of AWS security group which act like a shield for accessing services and data by the outside world without permission to do so.

the property of Firewall is such that by default it does not allow anybody from getting it's services used but in order to allow certain activities like accessing website hosted on AWS or accessing data stored in S3 we can add some rules(outbound) as per our convenience .

Alt Text

Alt Text

Also get to know how to host basic web-server in AWS .

thanks for reading

Happy Learning :)

Discussion (0)