Amazon Web Services connector is released.
Amazon Web Service (AWS) is the market leader in public cloud share and many organizations have both Azure and AWS estates. In fact, dividing critical enterprise I.T. components across both Azure and AWS, to achieve a cross-public cloud fault tolerance is a nirvana solution on many architects’ roadmaps. For customers investigating using Azure Sentinel and who have AWS resources in scope for security management, deploying the AWS connector is the right decision.
Azure Sentinel connects to AWS via the Cloudtrail service (aws.amazon.com/cloudtrail/). AWS Cloudtrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. After adding the AWS Connector to your Sentinel workspace you’ll find two new dashboards, AWS User Activity and AWS Network Activity. Figure 4 shows live data from the connector’s User Activity dashboard.