Class CloudTrailConfig

GlobalConfig / LoggingConfig / CloudTrailConfig / AccountCloudTrailConfig

AWS Cloudtrail configuration

Example

cloudtrail:
  enable: true
  organizationTrail: true
  organizationTrailSettings:
    multiRegionTrail: true
    globalServiceEvents: true
    managementEvents: true
    s3DataEvents: true
    lambdaDataEvents: true
    sendToCloudWatchLogs: true
    apiErrorRateInsight: false
    apiCallRateInsight: false
  accountTrails: []
  lifecycleRules: []

Hierarchy

  • CloudTrailConfig

Implements

Constructors

constructor

Properties

accountTrails enable lifecycleRules organizationTrail organizationTrailSettings

Constructors

constructor

Properties

Readonly accountTrails

accountTrails: AccountCloudTrailConfig[] = []

Optional configuration of account level CloudTrails. Can be used with or without an Organization Trail

Readonly enable

enable: false = false

Indicates whether AWS Cloudtrail enabled.

Cloudtrail a service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. This setting does not create any trails. You will also need to either and organization trail or setup account level trails.

Readonly lifecycleRules

lifecycleRules: LifeCycleRule[] = []

Optional S3 Log Bucket Lifecycle rules

Readonly organizationTrail

organizationTrail: false = false

Indicates whether AWS OrganizationTrail enabled.

When OrganizationTrail and cloudtrail is enabled accelerator will enable trusted access designates CloudTrail as a trusted service in your organization. A trusted service can query the organization's structure and create service-linked roles in the organization's accounts.

Readonly organizationTrailSettings

organizationTrailSettings: CloudTrailSettingsConfig = ...

Optional configuration of the organization trail. OrganizationTrail must be enabled in order to use these settings

Settings

Member Visibility

Theme

Generated using TypeDoc