CloudWatch vs CloudTrail vs Config

CloudWatch vs CloudTrail vs Config
CloudWatch
Performance monitoring (metrics, CPU, network, etc…) & dashboards
Events & Alerting
Log Aggregation & Analysis
CloudTrail
Record API calls made within your Account by everyone
Can define trails for specific resources
Global Service
Config
Record configuration changes
Evaluate resources against compliance rules
Get timeline of changes and compliance
Ex: For an Elastic Load Balancer
CloudWatch:
Monitoring Incoming connections metric
Visualize error codes as % over time
Make a dashboard to get an idea of your load balancer performance
Config:
Track security group rules for the Load Balancer
Track configuration changes for the Load Balancer
Ensure an SSL certificate is always assigned to the Load Balancer (compliance)
CloudTrail:
- Track who made any changes to the Load Balancer with API calls
Subscribe to my newsletter
Read articles from Rohit Pagote directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Rohit Pagote
Rohit Pagote
I am an aspiring DevOps Engineer proficient with containers and container orchestration tools like Docker, Kubernetes along with experienced in Infrastructure as code tools and Configuration as code tools, Terraform, Ansible. Well-versed in CICD tool - Jenkins. Have hands-on experience with various AWS and Azure services. I really enjoy learning new things and connecting with people across a range of industries, so don't hesitate to reach out if you'd like to get in touch.