aws.cloudtrail
Supported platform
- aws
Description
AWS CloudTrail
Use the aws.cloudtrail resource to assess the configuration of AWS CloudTrails deployed within an AWS account. The resource provides the .trails field, which creates a list of aws.cloudtrail.trail resources representing all CloudTrails configured across every enabled region.
Fields
| ID | TYPE | DESCRIPTION |
|---|---|---|
| trails | []aws.cloudtrail.trail | List of CloudTrail trails associated with the account |
Examples
Return a list of aws.cloudtrail.trail resources representing all AWS Cloud Trails configured across all enabled regions and the values for specified fields
aws.cloudtrail.trails {
arn
name
kmsKey
isMultiRegionTrail
isOrganizationTrail
logFileValidationEnabled
includeGlobalServiceEvents
s3bucket
snsTopicARN
status
logGroup
cloudWatchLogsRoleArn
cloudWatchLogsLogGroupArn
eventSelectors
region
}
aws.cloudtrail.trails.any(
isMultiRegionTrail && status['IsLogging']
)
References