Required Fields and Where to Find Them for AWS CloudTrail API Integration
|
Field Name |
Description |
Where to Find It |
|
AccessKey |
The access key ID for programmatic access to AWS services. |
AWS Console > IAM > Users > [Select user] > Security credentials tab > Click Create access key |
|
SecretKey |
The secret key associated with the access key. |
Only shown once when creating the access key. You can download it as a .csv file. |
|
AWS Region |
The region where CloudTrail is configured (e.g., eu-north-1). |
Displayed in the top-right corner of the AWS Console or selected during CloudTrail setup. |
Create AccessKey & SecretKey:
Log in to the AWS Console.
Click your username at the top-right and go to Security credentials.
Scroll to the Access keys section.
Click Create access key.
Copy the:
Access Key ID → use this as your AccessKey.
Secret Access Key → use this as your SecretKey.
Important: The secret key is shown only once. Save or download it securely as a .csv file.
Find the AWS Region:
The region is where CloudTrail is set up and where your logs are stored.
It’s visible in the top-right corner of the AWS Console (e.g., eu-north-1).
Use this exact value during API configuration.
Check if CloudTrail is Enabled:
Go to the CloudTrail service in the AWS Console.
In the Trails section, verify that a trail is active.
Only logs stored in these destinations can be queried via API.
After receiving this information, you can log in to Logsign USO and select API > AWS CloudTrail to complete the source addition process.