Real-Time Insights on AWS Account Activity
Real-Time Insights on AWS Account Activity

Automated Deployment

Before you launch the automated deployment, please review the architecture and other considerations discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy Real-Time Insights on AWS Account Activity into your account.

Time to deploy: Approximately five minutes

Prerequisites

Before you start, verify that you have an AWS account with fewer than five existing AWS CloudTrail trails in a supported region.

Launch the Stack

This automated AWS CloudFormation template deploys the Real-Time Insights on AWS Account Activity solution. Please make sure that you’ve verified that you have reviewed the considerations and prerequisites before launching the stack.

Note

You are responsible for the cost of the AWS services used while running this solution. See the Cost section for more details. For full details, see the pricing webpage for each AWS service you will be using in this solution.

  1. Sign in to the AWS Management Console and click the button below to launch the real-time-insights-account-activity AWS CloudFormation template.

    
                                Real-Time Insights on AWS Account Activity launch button

    You can also download the template as a starting point for your own implementation.

  2. The template is launched in the US East (N. Virginia) Region by default. To launch this solution in a different AWS Region, use the region selector in the console navigation bar.

    Note

    This solution uses the Amazon Kinesis Data Firehose and Amazon Kinesis Data Analytics services, which are currently available in specific AWS Regions only. Therefore, you must launch this solution an AWS Region where these services are available. For the most current service availability by region, see AWS service offerings by region.

  3. On the Select Template page, verify that you selected the correct template and choose Next.

  4. On the Specify Details page, assign a name to your solution stack.

  5. Under Parameters, review the parameters for the template, and modify them as necessary.This solution uses the following default values.

    Parameter Default Description
    User Name <Requires input>

    User name to access the real-time dashboard

    User Email Address <Requires input>

    Email address of dashboard user. After launch, an email will be sent to this address with dashboard login instructions.

    Dashboard Bucket Name <Requires input>

    Specify a name for the new Amazon S3 bucket where the real-time dashboard will be stored. Do not specify an existing bucket.

  6. Choose Next.

  7. On the Options page, choose Next.

  8. On the Review page, review and confirm the settings. Be sure to check the box acknowledging that the template will create AWS Identity and Access Management (IAM) resources.

  9. Choose Create to deploy the stack.

    You can view the status of the stack in the AWS CloudFormation console in the Status column. You should see a status of CREATE_COMPLETE in roughly five minutes.

    The solution sends an email invitation to join the real-time dashboard.

  10. In the email, follow the instructions to sign in to the dashboard.

Note

In addition to the primary AWS Lambda function real-time-insights-account-activity-update-ddb, this solution includes the real-time-insights-account-activity-helper Lambda function, which runs only during initial configuration or when resources are updated or deleted.

After launching this solution, you will see these Lambda functions in the AWS console, but only the real-time-insights-account-activity-update-ddb function is regularly active. However, do not delete the real-time-insights-account-activity-helper function as it is necessary to manage associated resources.