Day 14: AWS CloudTrail vs CloudWatch - Know the Difference
Category: Monitoring & Auditing
Goal: Understand how AWS CloudTrail and CloudWatch are different, and when to use each.
What You'll Learn Today:
- What is AWS CloudTrail
- Recap: What is CloudWatch
- Key differences between CloudTrail & CloudWatch
- Simple examples for both
- Why both are important together
1. What is AWS CloudTrail?
Think of CloudTrail as your security camera in the cloud.
It records every action taken in your AWS account, such as:
- Who logged in
- Which resource was created/deleted
- Which API call was made and when
It gives you a history of all events, which is perfect for auditing, troubleshooting, and security checks.
2. Recap: What is CloudWatch?
We covered this in Day 13, but a quick recap:
- CloudWatch = Performance Monitor
- Tracks metrics like CPU, memory, logs, errors
- Creates alarms and dashboards
- Helps you keep your apps healthy and efficient
3. CloudTrail vs CloudWatch: The Key Differences
| Feature | CloudTrail | CloudWatch |
|---|---|---|
| Purpose | Logs who did what | Monitors how services are performing |
| Data Type | Events (API calls, actions) | Metrics, logs, graphs |
| Use Case | Security & auditing | Performance & health monitoring |
| Example | “User deleted an EC2 instance” | “EC2 CPU usage is 90%” |
| Alerting | Not for real-time alerts | Built for alerts and automation |
| Default Logging | Enabled for all accounts | Needs setup for custom logs |
4. Real-Life Example
CloudTrail Use Case:
You want to know who terminated an EC2 instance yesterday.
CloudTrail shows:
- User X made that action at 3:45 PM
- API call: TerminateInstances
CloudWatch Use Case:
Your EC2 server is running slow.
CloudWatch shows:
- CPU usage at 95%
- Alarm triggered due to high load
5. Why You Need Both
Together, CloudTrail + CloudWatch give you:
- Full visibility into who did what (CloudTrail)
- And how it impacted performance (CloudWatch)
Example:
- CloudTrail: Shows someone updated a Lambda function
- CloudWatch: Tells you that the function now throws errors and takes longer
End of the Day Notes:
Today you learned:
- CloudTrail tracks user actions & API calls
- CloudWatch tracks performance & logs
- Both are essential tools for cloud monitoring & security
- Use CloudTrail for audit & compliance
- Use CloudWatch for system health & alerting
As a cloud engineer, understanding the difference between these two will help you debug faster and secure better.