AWS CloudTrail trail
aws.cloudtrail.trail MQL resource for querying AWS infrastructure with cnquery and cnspec.
AWSPrivate Resource
AWS CloudTrail trail
Min version: 5.15.0Defaults:
name regionRelationships
5 resources · 6 relationships·Click to select, expand fields to see properties.
Fields (15)
| Field | Type | Description |
|---|---|---|
arnrequired | string | ARN of the trail |
cloudWatchLogsLogGroupArnrequired | string | Group for logs endpoint to assume when writing to log group |
cloudWatchLogsRoleArnrequired | string | Role for logs endpoint to assume when writing to log group |
eventSelectors | []dict | Settings for the trail's configured event selectors |
includeGlobalServiceEventsrequired | int | Whether API calls from global services are included |
isMultiRegionTrailrequired | int | Whether the trail exists in multiple regions (false if single region) |
isOrganizationTrailrequired | int | Whether the trail is an organization trail (logs events for management and member accounts of the organization) |
kmsKey | aws.kms.key | KMS key used to encrypt the logs |
logFileValidationEnabledrequired | int | Whether log file validation is enabled |
logGroup | aws.cloudwatch.loggroup | Log group where trail files are delivered |
namerequired | string | Name of the trail |
regionrequired | string | Region in which the trail was created (home region) |
s3bucket | aws.s3.bucket | S3 bucket where trail files are delivered |
snsTopicARNrequired | string | ARN of the SNS topic that the trail uses to send notifications |
status | dict | JSON list of information about the trail |