AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Any action taken by a user, a role, or an AWS service is recorded as an event in CloudTrail. By ingesting and analyzing CloudTrail logs in Snowflake, practitioners can gain analytical insights and work toward securing their environments at scale.
Join this virtual hands-on lab to learn how to:
- Set up ingestion pipelines from an AWS S3 logging bucket to Snowflake
- Automate continuous data loading with Snowpipe
- Process the data for fast queries using Snowflake’s native JSON processing capabilities
- Craft queries and create visualizations for threat analysis and posture management
Q: What prerequisites are required to participate in this lab?
A: An AWS user with permission to create and manage IAM policies and roles: https://aws.amazon.com/free/
A: Account Admin role access in Snowflake with permission to create tables, stages, and storage integrations, as well as to set up Snowpipe. Sign up for your Snowflake trial account in the AWS region to enable a feature we will showcase in the lab: https://signup.snowflake.com/
A: An S3 Logging Bucket, preferably in the same region as your Snowflake target account.