AWS-Logo_White-Color
1.
Introduction
2.
Preparation steps
2.1
Create Policy and Role
2.2
Create Group and User
3.
Create Key Management Service
4.
Create Amazon S3
4.1
Create Bucket
4.2
Upload data to S3
5.
Create AWS CloudTrail and Amazon Athena
5.1
Create CloudTrail
5.2
Logging to CloudTrail
5.3
Create Amazon Athena
5.4
Retrieve data with Athena
6.
Test and share encrypted data on S3
7.
Resource cleanup
More
AWS Study Group - Blog
AWS Study Group - FB Group
English
Tiếng Việt
Clear History
Workshop
Cloud Journey
Last Updated
24-04-2024
Team
Gia Hưng
Quang Phúc
Edit this page
Encrypt at rest with AWS KMS
>
Create AWS CloudTrail and Amazon Athena
> Create CloudTrail
Create CloudTrail
Create CloudTrail
Create CloudTrail
Access
AWS Management Console
Find
CloudTrail
Select
CloudTrail
In the
CloudTrail
interface
Select
Trails
Select
Create trail
In the
Choose trail attributes
section
You can name it differently as you like!
Trail name
enter
kms-key-cloudtrail
Storage location
select
Use existing S3 bucket
Select
Browse
Next step
Select
kms-key-s3
Press
Choose
In the
Prefix - optional
section
You can name it differently as you like!
Enter
cloudtrail
Scroll down to the section and click
Next
In the
Choose log events
section
Event type
select
Management events
Select
Data evntes
Next step we scroll down to the
Data events
section
Select the words
Switch to basic event selector
to switch modes
Next step press
Continue
In the
Data event: S3
section
Data event source
select
S3
S3 bucket
uncheck
Read
and
Write
Individual bucket selection
press
Browse
Next step
Select
kms-key-s3
Press
Choose
Next step press
Next
Next step, scroll down and press
Create trail
Notification of successful creation
Please access
S3
again
Select
Buckets
select
kms-key-s3
We will see a folder created named
cloudtrail/
, this folder will contain all logs related to
kms-key-s3