MontyCloud Blog

MontyCloud DAY2™ and AWS CloudTrail Lake deliver business context for activities performed by CloudOps teams - MontyCloud

Written by Muhammed Basil | Feb 22, 2023 5:30:00 PM

I am excited to share that MontyCloud is a launch partner for AWS CloudTrail Lake. MontyCloud’s integration allows AWS customers and partners to use AWS CloudTrail Lake as their single source of truth for auditing CloudOps events performed via MontyCloud.

In this blog I am going to show you how customers are leveraging MontyCloud DAY2’s No-Code approach to automate contextualization of critical activities performed in cloud environments. I will also show you how this helps simplify Security & Compliance Audits and improve Operational Excellence of our customers’ cloud environments.

 

Automated Audit Readiness

AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions. AWS CloudTrail Lake is a fully managed audit and security lake that lets AWS customers aggregate, immutably store and query activity logs recorded by AWS CloudTrail. This helps fulfil the requirements of auditing and security investigation and simplifies operational troubleshooting. Events captured by CloudTrail Lake is backed up by a 7-year default retention policy to meet compliance requirements.

A rapid growth in the volume of events often turns this immutable store into a noisy source of truth that lacks specific business context. CloudOps teams that look for the proverbial ‘needle in the haystack’ to help meet the need of audit teams are required to perform undifferentiated heavy lifting to correlate critical events and the purpose behind the activities that caused such events.

Starting today, customers and partners can automatically record and track all actions performed by MontyCloud and eliminate the manual search and correlation activities performed by their CloudOps teams. This helps them rapidly meet audit requirements and use the time to refocus their efforts on delivering operational excellence.

With this integration, MontyCloud enhances the value of AWS CloudTrail logs by enriching the events with business and operational context around decisions that led to the actions. Customers save time and improve the liability of their cloud environments because they know the who, why and where someone took an action. MontyCloud DAY2 managed environments and projects automatically contextualize actions performed by users.

With this integration from MontyCloud, customers and partners can now automatically track activities such as User lifecycle events, resource reconfiguration actions, and automations run against over 50+ AWS services such as EC2, Workspaces, S3, ECS, EKS, RDS, DynamoDB, IAM, VPCs, and AlphaFold environments. Additionally our previously announced integration with AWS Systems Manager’s Automation Actions automatically leverages this integration with AWS CloudTrail Lake making it easy to track any custom actions performed using MontyCloud DAY2.

 

Solution Architecture

 

Here is how you can enable  MontyCloud DAY2 CloudTrail Connector in AWS console

 

To setup the AWS CloudTrail Lake integration Login to MontyCloud DAY2 and click on the settings icon at the top right corner.

 

Find ‘Connectors’ in the list and select the CloudTrail Lake connector.

Click Connect New and enter a Name and Description. Integration channel ARN can be added after AWS CloudTrail Lake integration is setup in the AWS Console.

Copy the External ID provided in this screen. We will need this later to complete the setup.

On the AWS Console sign into your account and navigate to the AWS CloudTrail service page. Under the integrations page, select MontyCloud from the list of available sources.

 

Click on ‘Add integration’ and provide a name for the integration. The Source will show as MontyCloud.

 

Next, select ‘Create new event data store’ and provide a name and retention period per your organization’s policy.

Now enter the ExternalID (that was noted earlier) in the External ID field under the Resource Policy section.

 

Finally, add tags as per your organizations’ policies and complete by clicking ‘Add Integration’.

An integration channel will be created. Copy the Channel ARN from the integration detail channel screen.

 

Switch back to MontyCloud DAY2 and in the Connect New AWS CloudTrail Lake screen enter the Channel ARN in the Integration Channel ARN field and save.

 
MontyCloud DAY2 Events

After the connector is successfully setup, MontyCloud automatically logs the following events into AWS CloudTrail Lake.

  • Cloud Account Events (Onboarded / Offboarded / Region Discovered)
  • User Management Events (Created / Deleted / Role Changed)
  • Project Events (Created / Deleted)
  • Environment Events (Created / Deleted)
  • State and context of events (Such as Started / Completed / Success / Failure) of all Automation Actions

Events published by MontyCloud DAY2 can be queried in the CloudTrail Lake Query page in AWS Console, or via APIs.

 

Conclusion

MontyCloud DAY2’s No-Code approach simplifies and automates contextualization of critical activities performed in cloud environments and empowers CloudOps teams to meet Audit and Compliance requirements.

You can request a demo here to see it in action. If you have questions on how your team can simplify and optimize Cloud Operations without specialized talent, we will be happy to help. You can contact us at Contact@MontyCloud.com