====== CloudTrail for IAM Logging ======

**What it is:** Using CloudTrail to capture IAM-related API events.

**What it’s for:**
  * Audit changes to users, roles, policies, access keys.
  * Support compliance requirements.

**Exam takeaway:**
  * Logging IAM actions is a security best practice.

**Hard words:**
  * *capture* /ˈkæptʃər/: ghi nhận/bắt lại
  * *compliance* /kəmˈplaɪəns/: tuân thủ