Skip to main content

On this page

 

 

Overview

AWS CloudTrail fetcher enhances your workflow by automating data collection. To use the fetcher feature, you must first establish a connection to the third-party application. We utilize connectors to enable precise data collection with minimal user input.

 

NOTE: The steps provided on this page may require the assistance of your internal team’s AWS CloudTrail admin and a ZenGRC Pro Admin.

 

 

AWS CloudTrail Configurations

Start by locating your AWS AccessKeyId and SecretAccessKey as well as the current AWS region in use within AWS to connect your accounts. Ask your AWS administrator for existing credentials first. Long-term credentials are necessary for the fetchers to work.

 

To manage the connection you will need:

  • AWS CloudTrail admin access
  • AWS AccessKeyId
  • SecretAccessKey
  • AWS Region

💡Tip: Visit AWS Support for step-by-step instructions, click here to learn more.

 

 

Connector Setup

Creating a Connector

This process only needs to be completed once. Once a connector has been established, fetchers can be created on any object. 

 

Learn more:

ZenGRC Classic:

ZenGRC Pro:

 

Creating a Fetcher 

Fetchers can be customized for specific data retrieval needs and are supported across a range of object types.

  • Available Fetchers for AWS CloudTrail: 
    • List of Trails: which retrieves an attachment with a list of all trails 
  • Fetchers run periodically, with a slight delay possible based on queue size. Please allow at least 5 minutes past the scheduled time for updates.

 

Parameters

For AWS CloudTrail, no parameters are required.


 

Managing a Custom Fetcher

Once created, your fetchers will run at the increment specified (daily, weekly, monthly, or yearly) until they expire or are removed. If no expiration date was set, fetchers will run until removed or the connection is deleted. 

  1. Open the desired object and go to the Custom Fetchers tab.
  2. Click a fetcher from the list to open the fly-out

Here you will see details about past and upcoming fetches. 

 

Fetcher Outputs

A fetcher needs to be added on a specific object. Each time it runs it either creates a new piece of evidence on the attachments tab or updates a field on the object itself. 

Note: Each time a fetcher tied to a custom attribute runs, it replaces the information in the linked field with the most up-to-date information. 

 

Fetch Now

To activate the fetcher immediately, click Fetch Now on the fetcher. This will enable the fetcher and have it run immediately.

 

Be the first to reply!

Reply


Terms & ConditionsCookie settings
I'm not ready yet X