DEV Community

AWS Community Builders profile image GargeeBhatnagar
GargeeBhatnagar for AWS Community Builders

Posted on

Geolocation Observability in Amazon Detective

#aws #amazondetective #iam #geolocation

“ I have checked the documents of AWS for geolocation observability in amazon detective. Amazon detective makes it easy to trace logs of resources and further investigate it. In terms of cost, the solution is cheaper and secure.”

Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis and graph theory to build a dataset that you can use to conduct more efficient security investigations.

In this post, you will experience the geolocation observability in amazon detective. Here I have kept the same account for detective service enabled and also we can add members accounts in it for security investigations.

Architecture Overview


The architecture diagram shows the overall deployment architecture with data flow, detective and iam policy.

Solution Overview

The blog post consists of the following phases:

  1. Addition of Member Account in Amazon Detective
  2. Output of Detective Geolocation

Phase 1: Addition of Member Account in Amazon Detective

  1. Open the Amazon detective console, click on the get started. First check the attach policy from IAM and enable the detective for the same account with adding tags on it. Once the detective is enabled, we can view the status in the account management tab. We can add the members account in it via invite send option and using aws organizations. We can integrate it with security lake service. We can see the table length, timestamp preferences and group summary under preferences tab. We can see the further usage for member accounts on usage tab.

  1. In the search tab, we can view the findings for the appropriate selected type.

Phase 2: Output of Detective Geolocation

Clean-up

Disable detective.

Pricing

I review the pricing and estimated cost of this example.

Cost of Amazon Detective =

Amazon Detective USE1-FreeDataAnalyzed-Bytes = USD 0.00 per GB of data analyzed(free trial) US East(N Virginia) region = 0GB = $0.00

Cost of IAM Policy = $0.00

Total Cost = $0.00

Summary

In this post, I showed “geolocation observability in amazon detective”.
For more details on Amazon Detective, Checkout Get started Amazon Detective, open the Amazon Detective console. To learn more, read the Amazon Detective documentation.

Thanks for reading!

Connect with me: Linkedin

Top comments (0)