org-formation / aws-resource-providers

A community-driven repository where you can find AWS Resource Type Providers for different purposes (including org-formation ones).

resource provider to enable cloudtrail for organizations #81

Closed zaro0508 closed 2 years ago

zaro0508 commented 3 years ago

I just noticed that AWS added support for easily setting up CloudTrail for an organization. It looks like you just need to set "Enable for all accounts in my organization" and AWS will do all the work to set up log aggregation from all accounts to a bucket on the organization's master account. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html

The IsOrganizationTrail setting is not supported by CloudFormation; however, there is a CloudTrail API for it: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CloudTrail.html

Would be great to have a resource provider to allow users to easily enable CloudTrail at the organization level.

mbarneyjr commented 2 years ago

This is now supported natively in CloudFormation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-isorganizationtrail