Skip to main content


Supported Platform

  • aws


AWS Cloudtrail Trail

The aws.cloudtrail.trail object represents an individual AWS CloudTrail configured within an account. For usage see the aws.cloudtrail resource.


arnstringARN of the trail
namestringname of the trail
kmsKeyaws.kms.keyKMS key used to encrypt the logs
isMultiRegionTrailboolspecifies if trail exists only in one region or multiple
isOrganizationTrailboolwhether trail is organization trail (logs events for mgmt and member accts of org)
logFileValidationEnabledboolwhether log file validation is enabled
includeGlobalServiceEventsbooltrue if api calls from global services are included
s3bucketaws.s3.buckets3 bucket where trail files are delivered
snsTopicARNstringARN of the SNS topic that the trail uses to send notifications
statusdictJSON list of information about the trail
logGroupaws.cloudwatch.loggrouplog group to which trail files will be delivered
cloudWatchLogsRoleArnstringrole for logs endpoint to assume when writing to log group
eventSelectors[]dictsettings for the trail's configured event selectors
regionstringregion in which the trail was created (home region)