resource provider to enable cloudtrail for organizations
zaro0508 opened this issue · 1 comments
I just noticed that AWS added support for easily setting up CloudTrail for an organization. It looks like you just need to set "Enable for all accounts in my organization" and AWS will do all the work to set up log aggregation from all accounts to a bucket on the organization's master account. https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html
The IsOrganizationTrail setting is not supported by CloudFormation; however, there is a CloudTrail API for it,
https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CloudTrail.html
Would be great to have a resource provider to allow users to easily enable cloudtrail at the organization level.
This is now supported natively in CloudFormation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html#cfn-cloudtrail-trail-isorganizationtrail
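For reference, a CloudFormation template using the native `IsOrganizationTrail` property mentioned above. This is an added example, not code from the issue or the project. It assumes the stack is deployed in the organization's management account with trusted access for CloudTrail enabled in AWS Organizations; the `OrganizationId` parameter and the resource names are placeholders chosen for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Organization-wide CloudTrail (added example, deploy in the management account)
Parameters:
  OrganizationId:
    Type: String
    Description: AWS Organizations ID (placeholder, supply your own o-... value)
Resources:
  TrailBucket:
    Type: AWS::S3::Bucket
    Properties:
      # Log buckets should never be publicly reachable
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true
  TrailBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref TrailBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: AWSCloudTrailAclCheck
            Effect: Allow
            Principal: { Service: cloudtrail.amazonaws.com }
            Action: s3:GetBucketAcl
            Resource: !GetAtt TrailBucket.Arn
          - Sid: AWSCloudTrailWrite
            Effect: Allow
            Principal: { Service: cloudtrail.amazonaws.com }
            Action: s3:PutObject
            Resource:
              # Management account's own logs, plus the prefix used for member accounts
              - !Sub "${TrailBucket.Arn}/AWSLogs/${AWS::AccountId}/*"
              - !Sub "${TrailBucket.Arn}/AWSLogs/${OrganizationId}/*"
            Condition:
              StringEquals:
                s3:x-amz-acl: bucket-owner-full-control
  OrganizationTrail:
    Type: AWS::CloudTrail::Trail
    DependsOn: TrailBucketPolicy   # the policy must exist before CloudTrail validates the bucket
    Properties:
      S3BucketName: !Ref TrailBucket
      IsLogging: true
      IsMultiRegionTrail: true
      EnableLogFileValidation: true   # digest files let you detect tampered or deleted logs
      IsOrganizationTrail: true       # the property requested in this issue
```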