Basic CloudTrail Trail
Overview
This Terraform module provisions a basic AWS CloudTrail trail to log API calls across your AWS account.
It captures governance, compliance, and operational activity and stores the logs in a designated S3 bucket.
Key Features
- Creates a named CloudTrail trail scoped to the current region
- Sends API activity logs to a specified Amazon S3 bucket
- Enables foundational observability and traceability
- Tags the trail with environment-specific metadata
Use Cases
- Auditing AWS account activity
- Meeting compliance or regulatory log retention requirements
- Troubleshooting operational or security incidents
Input Variables
| Name | Type | Description |
|---|---|---|
| region | string | AWS region for trail creation |
| trail_name | string | Name of the CloudTrail trail |
| s3_bucket_name | string | Name of the S3 bucket that will store log files |
| environment | string | Environment tag for resource labeling (e.g., dev/prod) |
Outputs
| Name | Description |
|---|---|
| cloudtrail_trail_arn | ARN of the created CloudTrail trail |
| cloudtrail_trail_name | Name of the created trail |
Deployment Readiness
- Compatible with Terraform 1.0+
- Requires AWS Provider 5.x or later
- Assumes the target S3 bucket is pre-created
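
Because the module assumes the bucket already exists, that bucket must also carry a policy that lets CloudTrail write to it. The following is an added example, not part of the Archiphire module: it pre-creates the bucket with public access blocked and a policy limited to this one trail. The resource name `trail_logs` is hypothetical; the trail name, region and bucket name are taken from the Example Usage section, and the `aws` partition and the absence of an S3 key prefix are assumptions.

```hcl
# Added example (not the module's code): the pre-created log bucket the module assumes.
# Names mirror the Example Usage values; no S3 key prefix and the "aws" partition are assumed.
data "aws_caller_identity" "current" {}

locals {
  account_id = data.aws_caller_identity.current.account_id
  trail_arn  = "arn:aws:cloudtrail:us-east-1:${local.account_id}:trail/archiphire-trail"
}

resource "aws_s3_bucket" "trail_logs" {
  bucket = "archiphire-cloudtrail-logs"
}

# Audit logs should never be publicly readable.
resource "aws_s3_bucket_public_access_block" "trail_logs" {
  bucket                  = aws_s3_bucket.trail_logs.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Only the CloudTrail service may write, and only on behalf of this trail
# (the aws:SourceArn condition prevents other accounts' trails from using the bucket).
resource "aws_s3_bucket_policy" "trail_logs" {
  bucket = aws_s3_bucket.trail_logs.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid       = "AWSCloudTrailAclCheck"
        Effect    = "Allow"
        Principal = { Service = "cloudtrail.amazonaws.com" }
        Action    = "s3:GetBucketAcl"
        Resource  = aws_s3_bucket.trail_logs.arn
        Condition = { StringEquals = { "aws:SourceArn" = local.trail_arn } }
      },
      {
        Sid       = "AWSCloudTrailWrite"
        Effect    = "Allow"
        Principal = { Service = "cloudtrail.amazonaws.com" }
        Action    = "s3:PutObject"
        Resource  = "${aws_s3_bucket.trail_logs.arn}/AWSLogs/${local.account_id}/*"
        Condition = { StringEquals = { "s3:x-amz-acl" = "bucket-owner-full-control", "aws:SourceArn" = local.trail_arn } }
      }
    ]
  })
}
```

Apply this configuration before the module so the trail finds a bucket that is ready to receive log files.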
Example Usage

```hcl
module "cloudtrail_basic" {
  source         = "git::ssh://git@github.com/archiphire/aws-level-1-modules.git//logging/cloudtrail-basic?ref=v1.0.0"
  region         = "us-east-1"
  trail_name     = "archiphire-trail"
  s3_bucket_name = "archiphire-cloudtrail-logs"
  environment    = "dev"
}
```

```bash
terraform init
terraform plan
terraform apply
```

or

```bash
tofu init
tofu plan
tofu apply
```
Cleanup Options

Terraform Destroy:

```bash
terraform destroy
```

or

```bash
tofu destroy
```

Manual Deletion:

```bash
aws cloudtrail delete-trail --name archiphire-trail
```
Notes
This is a Level 1 logging module designed for basic CloudTrail setup. To enable multi-region logging, CloudWatch integration, or cross-account delivery, extend this with a Level 2 observability or compliance stack.
Deployment Package Notice
This module is part of the Level 1 AWS License Tier. To access the full deployment package and source code, subscribe to Archiphire.