
Use Case for AWS CloudTrail Redundant Trails


AWS CloudTrail Redundant Trails

Why Use This Policy?

This policy helps identify redundant global CloudTrail trails in your AWS account. Having multiple global trails can lead to unnecessary expenses, as only the first CloudTrail trail is free while additional trails incur costs. By identifying and removing redundant global trails, you can optimize cost utilization.

Pros:

  • Helps reduce unnecessary costs by identifying redundant global trails.
  • Ensures efficient use of CloudTrail services.

Cons:

  • Requires manual intervention to remove redundant trails once identified.
  • Does not automatically remedy the redundant trails.

How the Policy Works

The policy checks if there are multiple global CloudTrail trails in an AWS account. Specifically, it looks for trails that are enabled for all regions and are located in the primary region of the account.
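The check described above can be sketched as follows. This is an added example, not the policy's own code. It assumes a "global" trail means `IsMultiRegionTrail` is true and `HomeRegion` equals the primary region, that the primary region is `us-east-1`, and it runs on constructed sample data shaped like `aws cloudtrail describe-trails` output; the function names are hypothetical.

```python
import json

# Constructed sample in the shape of `aws cloudtrail describe-trails` output.
SAMPLE = json.loads("""
{"trailList": [
  {"Name": "org-baseline", "HomeRegion": "us-east-1", "IsMultiRegionTrail": true,
   "S3BucketName": "example-logs-a", "LogFileValidationEnabled": true},
  {"Name": "legacy-copy", "HomeRegion": "us-east-1", "IsMultiRegionTrail": true,
   "S3BucketName": "example-logs-b", "LogFileValidationEnabled": false},
  {"Name": "single-region", "HomeRegion": "us-east-1", "IsMultiRegionTrail": false,
   "S3BucketName": "example-logs-c", "LogFileValidationEnabled": true},
  {"Name": "eu-global", "HomeRegion": "eu-west-1", "IsMultiRegionTrail": true,
   "S3BucketName": "example-logs-d", "LogFileValidationEnabled": true}
]}
""")

VIOLATION = "VIOLATION_REDUNDANT_GLOBAL_TRAILS"

def global_trails(describe_output, primary_region):
    """Trails enabled for all regions whose home region is the primary region."""
    return [
        t for t in describe_output.get("trailList", [])
        if t.get("IsMultiRegionTrail") is True and t.get("HomeRegion") == primary_region
    ]

def check_redundant_global_trails(describe_output, primary_region):
    """Return a finding dict when more than one global trail exists, else None."""
    trails = global_trails(describe_output, primary_region)
    if len(trails) <= 1:
        return None
    return {
        "violation": VIOLATION,
        "primary_region": primary_region,
        # Destination and validation settings are listed so the reviewer can see
        # what each trail delivers before deciding which one to remove by hand.
        "trails": sorted(
            ({"name": t["Name"], "bucket": t.get("S3BucketName"),
              "log_validation": t.get("LogFileValidationEnabled", False)} for t in trails),
            key=lambda d: d["name"],
        ),
    }

if __name__ == "__main__":
    print(json.dumps(check_redundant_global_trails(SAMPLE, "us-east-1"), indent=2))
```
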

Variables

  • None: This policy does not use additional variables.

Violation Types

  • VIOLATION_REDUNDANT_GLOBAL_TRAILS: This violation occurs when there is more than one global CloudTrail trail in the primary region of an AWS account.