Search Results: cloudtrail

Found 7 Skills

DevOps & Cloud Servicesaws/agent-toolkit-for-aws

aws-observability

Builds, configures, debugs, and optimizes AWS observability using CloudWatch (Logs Insights, Metrics, Alarms, Dashboards, EMF), X-Ray, CloudTrail, and ADOT. Covers Log Insights query syntax (fields, filter, stats, parse, pattern, join, subqueries), alarm configuration (metric, composite, anomaly detection, missing data treatment), dashboard design, custom metrics (PutMetricData, EMF, metric filters), X-Ray tracing (ADOT, sampling rules, annotations vs metadata), ADOT collector config, and CloudTrail auditing. Use when the user mentions CloudWatch, Log Insights, alarms, INSUFFICIENT_DATA, dashboards, custom metrics, EMF, X-Ray, traces, sampling, CloudTrail, who deleted, ADOT, OpenTelemetry, observability, monitoring, synthetics, canaries, or troubleshooting alarm behavior. Do NOT use for application logging setup, container log drivers, or security threat detection.

🇺🇸|EnglishTranslated

166

1 scripts/Checked

DevOps & Cloud Servicesbagelhole/devops-security...

aws-cloudtrail

Configure AWS CloudTrail for audit logging. Set up organization trails and event analysis. Use when auditing AWS activity.

🇺🇸|EnglishTranslated

Security & Complianceaws/agent-toolkit-for-aws

creating-secrets-using-best-practices

Creates and manages secrets in AWS Secrets Manager following security best practices. Always use this skill when creating secrets — it sets up dedicated KMS encryption keys, automatic rotation, least-privilege IAM policies, CloudTrail auditing, and lifecycle management that are essential for production-grade secret handling.

🇺🇸|EnglishTranslated

DevOps & Cloud Servicesaws/agent-toolkit-for-aws

setting-up-cloudtrail-multi-region

Enables a multi-region AWS CloudTrail trail with S3 log storage, CloudWatch Logs integration, and CloudWatch Logs Insights queries for security monitoring and compliance auditing. Use when setting up centralized API activity logging across all AWS regions.

🇺🇸|EnglishTranslated

DevOps & Cloud Servicesaws/agent-toolkit-for-aws

aws-cloudformation

Author, validate, and troubleshoot AWS CloudFormation templates. Covers template authoring with secure defaults, pre-deployment validation (cfn-lint, cfn-guard, change sets), and root-cause diagnosis of failed stacks using CloudFormation events and CloudTrail correlation.

🇺🇸|EnglishTranslated

167

Security & Compliancemukul975/anthropic-cybers...

analyzing-cloud-storage-access-patterns

Detect abnormal access patterns in AWS S3, GCS, and Azure Blob Storage by analyzing CloudTrail Data Events, GCS audit logs, and Azure Storage Analytics. Identifies after-hours bulk downloads, access from new IP addresses, unusual API calls (GetObject spikes), and potential data exfiltration using statistical baselines and time-series anomaly detection.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancemukul975/anthropic-cybers...

detecting-serverless-function-injection

Detects and prevents code injection attacks targeting serverless functions (AWS Lambda, Azure Functions, Google Cloud Functions) through event source poisoning, malicious layer injection, runtime command execution, and IAM privilege escalation via function modification. The analyst combines static analysis of function code, CloudTrail event correlation, runtime behavior monitoring, and IAM policy auditing to identify injection vectors across the expanded serverless attack surface including API Gateway, S3, SQS, DynamoDB Streams, and CloudWatch event triggers. Activates for requests involving Lambda security assessment, serverless injection detection, function event poisoning analysis, or serverless privilege escalation investigation.

🇺🇸|EnglishTranslated

1 scripts/Attention