Use Case for AWS CloudTrail Redundant Regional
AWS CloudTrail Redundant Regional
Why Use This Policy?
This policy is essential for identifying and eliminating redundant regional AWS CloudTrail trails. The first CloudTrail trail in each region is free, but additional trails can incur unnecessary costs. By using this policy, you ensure that your organization is not incurring extra expenses due to redundant trails.
Pros:
- Cost Savings: Reduce unnecessary costs by identifying redundant trails.
- Efficiency: Simplifies management by ensuring only necessary trails are active.
Cons:
- Limited Scope: Only addresses regional trails, not multi-region (global) or organization trails.
How the Policy Works
This policy identifies CloudTrail trails in a single region and classifies them into three categories: multi-region trails, organization trails, and regional trails. If there is more than one regional trail in a region, it flags a violation.
Variables
- None: This policy does not require any specific user-defined variables.
Violation Types
REDUNDANT_REGIONAL_TRAIL
- Description: Indicates that there is more than one regional trail within a specific region.
The policy works by counting the trails of each type within an AWS region. A violation is recorded if the number of regional trails exceeds one. This helps ensure cost efficiency by removing redundant resources.
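The counting rule described above, sketched in Python as an added example (not the policy's own code). It assumes trail records shaped like CloudTrail `DescribeTrails` output, grouped by `HomeRegion`, and an assumed precedence when a trail is both an organization and a multi-region trail; the function names and sample trails are constructed.

```python
from collections import defaultdict

# Constructed sample shaped like the "trailList" returned by CloudTrail
# DescribeTrails; every trail name here is made up for illustration.
SAMPLE_TRAILS = [
    {"Name": "org-audit", "HomeRegion": "us-east-1",
     "IsMultiRegionTrail": True, "IsOrganizationTrail": True},
    {"Name": "security-all-regions", "HomeRegion": "us-east-1",
     "IsMultiRegionTrail": True, "IsOrganizationTrail": False},
    {"Name": "app-team-a", "HomeRegion": "us-east-1",
     "IsMultiRegionTrail": False, "IsOrganizationTrail": False},
    {"Name": "app-team-b", "HomeRegion": "us-east-1",
     "IsMultiRegionTrail": False, "IsOrganizationTrail": False},
    {"Name": "eu-only", "HomeRegion": "eu-west-1",
     "IsMultiRegionTrail": False, "IsOrganizationTrail": False},
]


def classify(trail):
    """Assumed precedence (not the page's): organization, multi_region, regional."""
    if trail.get("IsOrganizationTrail"):
        return "organization"
    if trail.get("IsMultiRegionTrail"):
        return "multi_region"
    return "regional"


def find_violations(trails):
    """Group trails by home region and flag regions with >1 regional trail."""
    by_region = defaultdict(lambda: defaultdict(list))
    for trail in trails:
        by_region[trail["HomeRegion"]][classify(trail)].append(trail["Name"])
    violations = []
    for region, kinds in sorted(by_region.items()):
        regional = sorted(kinds["regional"])
        if len(regional) > 1:  # one regional trail per region is allowed
            violations.append({
                "type": "REDUNDANT_REGIONAL_TRAIL",
                "region": region,
                "regional_trails": regional,
                "multi_region_count": len(kinds["multi_region"]),
                "organization_count": len(kinds["organization"]),
            })
    return violations


if __name__ == "__main__":
    print(find_violations(SAMPLE_TRAILS))
```

The result lists every regional trail in a flagged region; the count alone does not say which of them to keep.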