CloudTrail and IAM Role Integration for Change Audit Logging
Enable integration with AWS CloudTrail to fetch near real-time infrastructure change logs. Additionally, by linking each change event to the specific IAM role or user that made the modification, teams gain clearer accountability and traceability.
User Benefit:
* Gain near real-time visibility into infrastructure changes
* Enhance team accountability by identifying which IAM role/user made each change
* Keep a precise audit log that's easy to read and won't miss small transient changes. This will help with compliance and internal governance for enterprise customers.

AdminAndrew (Admin, DoiT) commented
At the moment, AWS sync is performed every 4 hours, which would miss changes made and then undone between syncs and would create a huge delay in updating the diagrams after the change.
We should watch the CloudTrail log for changes in the supported services and update/snapshot infrastructure diagrams much faster. It's also important to maintain an audit log of who made the change each time.
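
The following is an added example, not part of the original request or of DoiT's code: it turns CloudTrail records into an audit log keyed by the IAM role or user behind each change, and flags changes that were made and undone inside one 4-hour sync window. The sample records, the `SUPPORTED` set, the `REVERTS` pair and all function names are assumptions made for illustration; only the record field names are CloudTrail's.

```python
from datetime import datetime, timedelta

SYNC_INTERVAL = timedelta(hours=4)   # polling interval quoted in the comment above
SUPPORTED = {"ec2.amazonaws.com"}    # assumption: services the diagrams cover
REVERTS = {"AuthorizeSecurityGroupIngress": "RevokeSecurityGroupIngress"}  # illustrative

def _rec(time, name, identity, **extra):
    # Constructed sample record using CloudTrail's own field names.
    return {"eventTime": time, "eventSource": "ec2.amazonaws.com", "eventName": name,
            "userIdentity": identity, "readOnly": False,
            "requestParameters": {"groupId": "sg-0example"}, **extra}

ROLE = {"type": "AssumedRole",
        "arn": "arn:aws:sts::111122223333:assumed-role/deploy-role/ci-run-17",
        "sessionContext": {"sessionIssuer": {"arn": "arn:aws:iam::111122223333:role/deploy-role"}}}
ALICE = {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}
SAMPLE = [
    _rec("2024-05-01T09:00:00Z", "DescribeSecurityGroups", ALICE, readOnly=True),
    _rec("2024-05-01T09:05:00Z", "AuthorizeSecurityGroupIngress", ROLE),
    _rec("2024-05-01T09:20:00Z", "AuthorizeSecurityGroupIngress", ALICE,
         errorCode="Client.UnauthorizedOperation"),
    _rec("2024-05-01T09:40:00Z", "RevokeSecurityGroupIngress", ALICE),
]

def actor(record):
    """Role ARN plus session name for assumed-role calls, else the caller's own ARN."""
    ident = record["userIdentity"]
    if ident.get("type") == "AssumedRole":
        role = ident["sessionContext"]["sessionIssuer"]["arn"]
        return f"{role} (session {ident['arn'].rsplit('/', 1)[-1]})"
    return ident.get("arn") or ident.get("principalId", "unknown")

def audit_log(records):
    """Keep successful write events for supported services, oldest first."""
    rows = []
    for r in records:
        if r.get("readOnly") or r.get("errorCode") or r["eventSource"] not in SUPPORTED:
            continue
        rows.append({"time": datetime.strptime(r["eventTime"], "%Y-%m-%dT%H:%M:%SZ"),
                     "actor": actor(r), "event": r["eventName"],
                     "resource": (r.get("requestParameters") or {}).get("groupId")})
    return sorted(rows, key=lambda row: row["time"])

def transient_changes(rows):
    """(change, revert) pairs on one resource that fall inside a single sync window."""
    return [(a, b) for i, a in enumerate(rows) for b in rows[i + 1:]
            if b["event"] == REVERTS.get(a["event"]) and b["resource"] == a["resource"]
            and b["time"] - a["time"] < SYNC_INTERVAL]
```

On the sample, `transient_changes(audit_log(SAMPLE))` returns one pair: an ingress rule opened by the `deploy-role` session and revoked by `alice` 35 minutes later, which a 4-hour snapshot comparison would not show.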