aws.cloudtrail
Supported Platform
- aws
Description
AWS Cloudtrail enables risk auditing of your AWS account
The aws.cloudtrail
resource can be used to assess the configuration of AWS CloudTrails deployed within an AWS account. The resource provides the .trails
field which creates a list of aws.cloudtrail.trail
resources representing all CloudTrails configured across every enabled region.
Fields
ID | TYPE | DESCRIPTION |
---|---|---|
trails | []aws.cloudtrail.trail | a list of cloudtrail trails associated with the account |
Examples
Return a list of aws.cloudtrail.trail
resources representing all AWS Cloud Trails configured across all enabled regions and the values for specified fields
aws.cloudtrail.trails {
arn
name
kmsKey
isMultiRegionTrail
isOrganizationTrail
logFileValidationEnabled
includeGlobalServiceEvents
s3bucket
snsTopicARN
status
logGroup
cloudWatchLogsRoleArn
eventSelectors
region
}
aws.cloudtrail.trails.any(isMultiRegionTrail && status["IsLogging"]);
References