Policy: AWS > Turbot > Audit Trail > CloudTrail > Trail > S3 Bucket
The name of an S3 bucket to which the Guardrails Trail will be delivered.
CloudTrail must write to S3, thus this policy is required. The S3 bucket must already exist (the stack will not create it) and the CloudTrail service must be allowed write access. The bucket can reside in any region of any account.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
Policy Packs
This policy setting is used by the following policy packs:
Policy Specification
Schema Type |
|
---|---|
Default template |
|
Default template input |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceLogging
- tmod:@turbot/aws#/policy/types/trailBucket
- turbot graphql policy-type --id "tmod:@turbot/aws#/policy/types/trailBucket"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws#/policy/types/trailBucket"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI