Global services are not monitored by exactly one CloudTrail trail Affecting CloudTrail service in AWS

Snyk CCSS

Logging / Configuration

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls HIPAA NIST-800-53

Snyk ID SNYK-CC-00129
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Exactly one CloudTrail trail should monitor global services. If you have multiple single region trails, AWS recommends configuring your trails so that global service events are delivered in only one of the trails.

How to fix?

Ensure there is exactly one aws_cloudtrail with include_global_service_events set to true.

Example Configuration

resource "aws_cloudtrail" "valid_trail" {
  name = "valid_trail"
  s3_bucket_name = "${aws_s3_bucket.ct_bucket.id}"
  include_global_service_events = true
}

Terraform

Resource: aws_cloudtrail

References

Global service events