Amazon CloudWatch is a web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics.
CloudWatch uses metrics to represent the data points for your resources. AWS services send metrics to CloudWatch.
With CloudWatch, you can create alarms that automatically perform actions if the value of your metric has gone above or below a predefined threshold.
The CloudWatch dashboard feature enables you to access all the metrics for your resources from a single location.
AWS CloudTrail records API calls for your account.
The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, and more. With CloudTrail, you can view a complete history of user activity and API calls for your applications and resources.
Events are typically updated in CloudTrail within 15 minutes after an API call.
Example: A new user was created. Apply a filter to display only the events for the “CreateUser” API action in IAM
Within CloudTrail, you can also enable CloudTrail Insights.
This optional feature allows CloudTrail to automatically detect unusual API activities in your AWS account.
For example, CloudTrail Insights might detect that a higher number of Amazon EC2 instances than usual have recently launched in your account.
AWS Trusted Advisor is a web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices.
This is a service that you can use in your AWS account that will evaluate your resources against five pillars:
Some examples of checks are:
The green check indicates the number of items for which it detected no problems.
The orange triangle represents the number of recommended investigations.
The red circle represents the number of recommended actions.