<h1 id="heading-cloudwatch-vs-cloudtrail-vs-config">CloudWatch vs CloudTrail vs Config</h1>
<h3 id="heading-cloudwatch">CloudWatch</h3>
<ul>
<li><ul>
<li><p>Performance monitoring (metrics, CPU, network, etc…) &amp; dashboards</p>
<ul>
<li><p>Events &amp; Alerting</p>
</li>
<li><p>Log Aggregation &amp; Analysis</p>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="heading-cloudtrail">CloudTrail</h3>
<ul>
<li><ul>
<li><p>Record API calls made within your Account by everyone</p>
<ul>
<li><p>Can define trails for specific resources</p>
</li>
<li><p>Global Service</p>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="heading-config">Config</h3>
<ul>
<li><ul>
<li><p>Record configuration changes</p>
<ul>
<li><p>Evaluate resources against compliance rules</p>
</li>
<li><p>Get timeline of changes and compliance</p>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2 id="heading-ex-for-an-elastic-load-balancer">Ex: For an Elastic Load Balancer</h2>
<ul>
<li><p><strong>CloudWatch:</strong></p>
<ul>
<li><p>Monitoring Incoming connections metric</p>
</li>
<li><p>Visualize error codes as % over time</p>
</li>
<li><p>Make a dashboard to get an idea of your load balancer performance</p>
</li>
</ul>
</li>
<li><p><strong>Config:</strong></p>
<ul>
<li><p>Track security group rules for the Load Balancer</p>
</li>
<li><p>Track configuration changes for the Load Balancer</p>
</li>
<li><p>Ensure an SSL certificate is always assigned to the Load Balancer (compliance)</p>
</li>
</ul>
</li>
<li><p><strong>CloudTrail:</strong></p>
<ul>
<li>Track who made any changes to the Load Balancer with API calls</li>
</ul>
</li>
</ul>


# CloudWatch vs CloudTrail vs Config

### CloudWatch

* * Performance monitoring (metrics, CPU, network, etc…) & dashboards
        
    * Events & Alerting
        
    * Log Aggregation & Analysis
        

### CloudTrail

* * Record API calls made within your Account by everyone
        
    * Can define trails for specific resources
        
    * Global Service
        

### Config

* * Record configuration changes
        
    * Evaluate resources against compliance rules
        
    * Get timeline of changes and compliance
        

## Ex: For an Elastic Load Balancer

* **CloudWatch:**
    
    * Monitoring Incoming connections metric
        
    * Visualize error codes as % over time
        
    * Make a dashboard to get an idea of your load balancer performance
        
* **Config:**
    
    * Track security group rules for the Load Balancer
        
    * Track configuration changes for the Load Balancer
        
    * Ensure an SSL certificate is always assigned to the Load Balancer (compliance)
        
* **CloudTrail:**
    
    * Track who made any changes to the Load Balancer with API calls

CloudWatch: Monitoring. CloudTrail: API call tracking. Config: Configuration compliance

CloudWatch vs CloudTrail vs Config

Table of contents

CloudWatch vs CloudTrail vs Config

CloudWatch

CloudTrail

Config

Ex: For an Elastic Load Balancer