AWS CloudTrail is an AWS service that helps you enable governance, compliance and operational and risk auditing of your AWS account. Action taken by a user, role or an AWS service are recorded as events in CloudTrail Events include ations taken in the AWS Management Console, AWS Command Line Interface and AWS SDK and APIs.
Visibility into your AWS account activity is the key aspect of security and operational best practices. You can use CloudTrail to view, search, download , archive, analyze and respond to account activity across your AWS infrastructure. You can identify who or what took which action, what resources were acted upon, when the event occured, and other details to help you analyze and respond to activity in your AWS account.
For more detail, please visit the below URL: