AWS CloudTrail is an AWS offering that enables one to roll out a solution for their infrastructure's auditing and compliance needs. The minutest changes to the infrastructure configurations are logged. The source of these changes can be anything, including the console, the CLI, SDKs, and APIs that provide interactions with the AWS world. The subject of these changes (in other words, the initiator) can be a user logged in to the console or a service account with programmatic access via the CLI and SDKs.
CloudTrail works on the concept of events. Every atomic interaction with the AWS APIs is an event that gets logged, and makes up a trail. One can search, filter, and download events that make up a particular trail in a CSV or ...