AWS CloudTrail Lake now supports configuration items from AWS Config
AWS CloudTrail Lake now integrates with AWS Config to support ingestion and query of configuration items. Now you can query and analyze both configuration items and CloudTrail activity logs in CloudTrail Lake, thereby simplifying and streamlining your security and compliance investigations. CloudTrail Lake enables security teams to perform retrospective investigations by helping answer who made what configuration changes to resources associated with security incidents such as data exfiltration or unauthorized access. CloudTrail Lake helps compliance engineers investigate noncompliant changes to their production environments by relating AWS Config rules with noncompliant status to who and what resource changes triggered them. IT teams can perform historical asset inventory analysis on configuration items using CloudTrail Lake’s default seven-year data retention period.