AWS certified Cloud Practitioner
Tech, Technical Skills

AWS Cloud Practitioner: AWS Inspector vs AWS Trusted Advisor vs CloudTrail

In this short series, I outline the notes that I took while preparing for the AWS Cloud Practitioner exam.

These are my personal notes that I have made while working through the A Cloud Guru exam practitioner course. They are in no way official notes from AWS.

I would advise you that if you do use my notes to help you revise for this exam, that you use them as a supplement to the most recent information in the White PapersExam Guide and go over your knowledge with practice exam papers.

Previous notes within this blog series:

AWS Inspector vs AWS Trusted Advisor vs CloudTrail

What is AWS Inspector?

  • An automated security assessment service that helps improve the security and compliance of your apps on AWS
  • An agent installed on the EC2 instance
  • Runs at the operating system level
  • Automatically assesses applications for vulnerabilities or deviations from best practices
  • After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritised by level of severity
  • Findings can be reviewed directly or as part of detailed assessment reports (available via the Amazon Inspector console or API)

What is AWS Trusted Advisor?

  • Global service
  • An online resource to help you:
    • Do security checks
    • Reduce cost
    • Increase performance
    • Improve security
  • Provides real-time guidance to help you provision your resources following AWS best practices
  • Advisor will advise you on:
    • Cost Optimization
    • Performance
    • Security
    • Fault Tolerance
  • Will look at the entire AWS environment
  • Will provide a report detailing:
    • Core Checks and Recommendations
    • Full Trusted Advisor – Business and Enterprise Companies only

What is AWS Cloud Trail?

  • CloudTrail records everything in your AWS environment giving your increased visibility
  • Records AWS Management Console actions and API calls
  • Identifies which users and accounts called AWS, the source IP and when calls occurred
  • Regional service
  • Needs the trails to be turned on per service

You may also like...