CloudWatch vs CloudTrail vs Config

Rohit PagoteRohit Pagote
1 min read

CloudWatch vs CloudTrail vs Config

CloudWatch

    • Performance monitoring (metrics, CPU, network, etc…) & dashboards

      • Events & Alerting

      • Log Aggregation & Analysis

CloudTrail

    • Record API calls made within your Account by everyone

      • Can define trails for specific resources

      • Global Service

Config

    • Record configuration changes

      • Evaluate resources against compliance rules

      • Get timeline of changes and compliance

Ex: For an Elastic Load Balancer

  • CloudWatch:

    • Monitoring Incoming connections metric

    • Visualize error codes as % over time

    • Make a dashboard to get an idea of your load balancer performance

  • Config:

    • Track security group rules for the Load Balancer

    • Track configuration changes for the Load Balancer

    • Ensure an SSL certificate is always assigned to the Load Balancer (compliance)

  • CloudTrail:

    • Track who made any changes to the Load Balancer with API calls
0
Subscribe to my newsletter

Read articles from Rohit Pagote directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Rohit Pagote
Rohit Pagote

I am an aspiring DevOps Engineer proficient with containers and container orchestration tools like Docker, Kubernetes along with experienced in Infrastructure as code tools and Configuration as code tools, Terraform, Ansible. Well-versed in CICD tool - Jenkins. Have hands-on experience with various AWS and Azure services. I really enjoy learning new things and connecting with people across a range of industries, so don't hesitate to reach out if you'd like to get in touch.