April 2019
Intermediate to advanced
508 pages
11h 57m
English
Another set of options that avoid the StopLogging API would be to either delete the CloudTrail trail altogether or delete the S3 bucket it is sending its logs to. We can delete a trail named test from the AWS CLI with the following command:
aws cloudtrail delete-trail --name test
This can also be done with Pacu, by running the same command we used earlier to disable the trail, but by choosing the delete (del) option instead:
run detection__disruption --trails test@us-east-1
Once prompted for what to do to the trail, we would select del, which would subsequently delete the CloudTrail completely, meaning logging has stopped.
We could also delete the S3 bucket that a certain trail is delivering logs to, which would ...
Read now
Unlock full access