aws.cloudtrail
Supported Platform
- aws
Description
AWS Cloudtrail enables risk auditing of your AWS account
The aws.cloudtrail resource can be used to assess the configuration of AWS CloudTrails deployed within an AWS account. The resource provides the .trails field which creates a list of aws.cloudtrail.trail resources representing all CloudTrails configured across every enabled region.
Fields
| ID | TYPE | DESCRIPTION |
|---|---|---|
| trails | []aws.cloudtrail.trail | a list of cloudtrail trails associated with the account |
Examples
Return a list of aws.cloudtrail.trail resources representing all AWS Cloud Trails configured across all enabled regions and the values for specified fields
aws.cloudtrail.trails {
arn
name
kmsKey
isMultiRegionTrail
isOrganizationTrail
logFileValidationEnabled
includeGlobalServiceEvents
s3bucket
snsTopicARN
status
logGroup
cloudWatchLogsRoleArn
eventSelectors
region
}
aws.cloudtrail.trails.any(isMultiRegionTrail && status["IsLogging"]);
References