<ciso brief/>
Tag Banner

All news with #cloudtrail tag

all tags →

Tue, November 18, 2025

OpenSearch Serverless: CloudTrail data-plane audit logging

#AWS #OpenSearch Serverless #CloudTrail #Audit Logging #AWS S3

🔒 Amazon has added detailed audit logging for OpenSearch Serverless data-plane requests through AWS CloudTrail. Customers can now record and retain user actions on collections — including authorization attempts, index changes, and search queries — to support compliance and incident investigations. Logs can be filtered with read-only or write-only options or captured using advanced event selectors for granular control. Data events are delivered to Amazon S3 and can be forwarded to Amazon CloudWatch Events for real-time monitoring and response.

read more →

Fri, October 17, 2025

Securing Amazon Bedrock API Keys: Best Practices Guidance

#AWS #Amazon Bedrock #AWS IAM #API Security #AWS Secrets Manager #CloudTrail

🔐 AWS details practical guidance for implementing and managing Amazon Bedrock API keys, the service-specific credentials that provide bearer-token access to Bedrock. It recommends STS temporary credentials when possible and defines two API key types: short-term (client-generated, auto-expiring) and long-term (IAM-user associated). Protection advice includes using SCPs, iam and bedrock condition keys, and storing long-term keys in secure vaults. Detection and monitoring use CloudTrail, EventBridge rules, and an AWS Config rule, and response steps show CLI commands to deactivate and delete compromised keys.

read more →

Wed, September 10, 2025

AWS CloudTrail MCP Server Adds Natural-Language Security

#AWS #CloudTrail #AI Security #Model Context Protocol #Autonomous Agents

🔒 AWS Labs published a Model Context Protocol (MCP) server for CloudTrail that enables AI assistants to perform security and compliance analysis via natural‑language queries. The server provides direct access to CloudTrail events and CloudTrail Lake, allowing searches of 90‑day management event histories and Trino SQL queries on Lake data spanning up to 10 years. By exposing these capabilities through a conversational interface, the MCP server removes the need for bespoke API integrations and streamlines investigation and compliance workflows. The component is available in regions that support CloudTrail LookupEvents or CloudTrail Lake and is available with code and documentation in the AWS Labs repository.

read more →