Merge pull request #5051 from TimeIncOSS/f-aws-cloudtrail-fields
provider/aws: Add support for CloudTrail log validation + KMS encryption
This commit is contained in:
commit
05b6af5d83
|
@ -57,6 +57,23 @@ func resourceAwsCloudTrail() *schema.Resource {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
"enable_log_file_validation": &schema.Schema{
|
||||||
|
Type: schema.TypeBool,
|
||||||
|
Optional: true,
|
||||||
|
Default: false,
|
||||||
|
},
|
||||||
|
"kms_key_id": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
|
"home_region": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Computed: true,
|
||||||
|
},
|
||||||
|
"arn": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Computed: true,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -81,6 +98,12 @@ func resourceAwsCloudTrailCreate(d *schema.ResourceData, meta interface{}) error
|
||||||
if v, ok := d.GetOk("is_multi_region_trail"); ok {
|
if v, ok := d.GetOk("is_multi_region_trail"); ok {
|
||||||
input.IsMultiRegionTrail = aws.Bool(v.(bool))
|
input.IsMultiRegionTrail = aws.Bool(v.(bool))
|
||||||
}
|
}
|
||||||
|
if v, ok := d.GetOk("enable_log_file_validation"); ok {
|
||||||
|
input.EnableLogFileValidation = aws.Bool(v.(bool))
|
||||||
|
}
|
||||||
|
if v, ok := d.GetOk("kms_key_id"); ok {
|
||||||
|
input.KmsKeyId = aws.String(v.(string))
|
||||||
|
}
|
||||||
if v, ok := d.GetOk("s3_key_prefix"); ok {
|
if v, ok := d.GetOk("s3_key_prefix"); ok {
|
||||||
input.S3KeyPrefix = aws.String(v.(string))
|
input.S3KeyPrefix = aws.String(v.(string))
|
||||||
}
|
}
|
||||||
|
@ -136,6 +159,15 @@ func resourceAwsCloudTrailRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
d.Set("include_global_service_events", trail.IncludeGlobalServiceEvents)
|
d.Set("include_global_service_events", trail.IncludeGlobalServiceEvents)
|
||||||
d.Set("is_multi_region_trail", trail.IsMultiRegionTrail)
|
d.Set("is_multi_region_trail", trail.IsMultiRegionTrail)
|
||||||
d.Set("sns_topic_name", trail.SnsTopicName)
|
d.Set("sns_topic_name", trail.SnsTopicName)
|
||||||
|
d.Set("enable_log_file_validation", trail.LogFileValidationEnabled)
|
||||||
|
|
||||||
|
// TODO: Make it possible to use KMS Key names, not just ARNs
|
||||||
|
// In order to test it properly this PR needs to be merged 1st:
|
||||||
|
// https://github.com/hashicorp/terraform/pull/3928
|
||||||
|
d.Set("kms_key_id", trail.KmsKeyId)
|
||||||
|
|
||||||
|
d.Set("arn", trail.TrailARN)
|
||||||
|
d.Set("home_region", trail.HomeRegion)
|
||||||
|
|
||||||
logstatus, err := cloudTrailGetLoggingStatus(conn, trail.Name)
|
logstatus, err := cloudTrailGetLoggingStatus(conn, trail.Name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -171,6 +203,12 @@ func resourceAwsCloudTrailUpdate(d *schema.ResourceData, meta interface{}) error
|
||||||
if d.HasChange("is_multi_region_trail") {
|
if d.HasChange("is_multi_region_trail") {
|
||||||
input.IsMultiRegionTrail = aws.Bool(d.Get("is_multi_region_trail").(bool))
|
input.IsMultiRegionTrail = aws.Bool(d.Get("is_multi_region_trail").(bool))
|
||||||
}
|
}
|
||||||
|
if d.HasChange("enable_log_file_validation") {
|
||||||
|
input.EnableLogFileValidation = aws.Bool(d.Get("enable_log_file_validation").(bool))
|
||||||
|
}
|
||||||
|
if d.HasChange("kms_key_id") {
|
||||||
|
input.KmsKeyId = aws.String(d.Get("kms_key_id").(string))
|
||||||
|
}
|
||||||
if d.HasChange("sns_topic_name") {
|
if d.HasChange("sns_topic_name") {
|
||||||
input.SnsTopicName = aws.String(d.Get("sns_topic_name").(string))
|
input.SnsTopicName = aws.String(d.Get("sns_topic_name").(string))
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,6 +25,8 @@ func TestAccAWSCloudTrail_basic(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "true"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "true"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
resource.TestStep{
|
resource.TestStep{
|
||||||
|
@ -33,6 +35,8 @@ func TestAccAWSCloudTrail_basic(t *testing.T) {
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "s3_key_prefix", "/prefix"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "s3_key_prefix", "/prefix"),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "false"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "false"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -54,6 +58,8 @@ func TestAccAWSCloudTrail_enable_logging(t *testing.T) {
|
||||||
// AWS will create the trail with logging turned off.
|
// AWS will create the trail with logging turned off.
|
||||||
// Test that "enable_logging" default works.
|
// Test that "enable_logging" default works.
|
||||||
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", true, &trail),
|
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", true, &trail),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
resource.TestStep{
|
resource.TestStep{
|
||||||
|
@ -61,6 +67,8 @@ func TestAccAWSCloudTrail_enable_logging(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", false, &trail),
|
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
resource.TestStep{
|
resource.TestStep{
|
||||||
|
@ -68,6 +76,8 @@ func TestAccAWSCloudTrail_enable_logging(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", true, &trail),
|
testAccCheckCloudTrailLoggingEnabled("aws_cloudtrail.foobar", true, &trail),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -87,6 +97,8 @@ func TestAccAWSCloudTrail_is_multi_region(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "false"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "false"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
resource.TestStep{
|
resource.TestStep{
|
||||||
|
@ -94,6 +106,8 @@ func TestAccAWSCloudTrail_is_multi_region(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "true"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "true"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
resource.TestStep{
|
resource.TestStep{
|
||||||
|
@ -101,6 +115,42 @@ func TestAccAWSCloudTrail_is_multi_region(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "false"),
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "is_multi_region_trail", "false"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestAccAWSCloudTrail_logValidation(t *testing.T) {
|
||||||
|
var trail cloudtrail.Trail
|
||||||
|
|
||||||
|
// TODO: Add test for KMS Key ID
|
||||||
|
// once https://github.com/hashicorp/terraform/pull/3928 is merged
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckAWSCloudTrailDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccAWSCloudTrailConfig_logValidation,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "s3_key_prefix", ""),
|
||||||
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "true"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", true, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccAWSCloudTrailConfig_logValidationModified,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckCloudTrailExists("aws_cloudtrail.foobar", &trail),
|
||||||
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "s3_key_prefix", ""),
|
||||||
|
resource.TestCheckResourceAttr("aws_cloudtrail.foobar", "include_global_service_events", "true"),
|
||||||
|
testAccCheckCloudTrailLogValidationEnabled("aws_cloudtrail.foobar", false, &trail),
|
||||||
|
testAccCheckCloudTrailKmsKeyIdEquals("aws_cloudtrail.foobar", "", &trail),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -155,6 +205,75 @@ func testAccCheckCloudTrailLoggingEnabled(n string, desired bool, trail *cloudtr
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func testAccCheckCloudTrailLogValidationEnabled(n string, desired bool, trail *cloudtrail.Trail) resource.TestCheckFunc {
|
||||||
|
return func(s *terraform.State) error {
|
||||||
|
rs, ok := s.RootModule().Resources[n]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("Not found: %s", n)
|
||||||
|
}
|
||||||
|
|
||||||
|
if trail.LogFileValidationEnabled == nil {
|
||||||
|
return fmt.Errorf("No LogFileValidationEnabled attribute present in trail: %s", trail)
|
||||||
|
}
|
||||||
|
|
||||||
|
if *trail.LogFileValidationEnabled != desired {
|
||||||
|
return fmt.Errorf("Expected log validation status %t, given %t", desired,
|
||||||
|
trail.LogFileValidationEnabled)
|
||||||
|
}
|
||||||
|
|
||||||
|
// local state comparison
|
||||||
|
enabled, ok := rs.Primary.Attributes["enable_log_file_validation"]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("No enable_log_file_validation attribute defined for %s, expected %t",
|
||||||
|
n, desired)
|
||||||
|
}
|
||||||
|
desiredInString := fmt.Sprintf("%t", desired)
|
||||||
|
if enabled != desiredInString {
|
||||||
|
return fmt.Errorf("Expected log validation status %t, saved %t", desiredInString,
|
||||||
|
enabled)
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func testAccCheckCloudTrailKmsKeyIdEquals(n string, desired string, trail *cloudtrail.Trail) resource.TestCheckFunc {
|
||||||
|
return func(s *terraform.State) error {
|
||||||
|
rs, ok := s.RootModule().Resources[n]
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("Not found: %s", n)
|
||||||
|
}
|
||||||
|
|
||||||
|
if desired != "" && trail.KmsKeyId == nil {
|
||||||
|
return fmt.Errorf("No KmsKeyId attribute present in trail: %s, expected %s",
|
||||||
|
trail, desired)
|
||||||
|
}
|
||||||
|
|
||||||
|
// work around string pointer
|
||||||
|
var kmsKeyIdInString string
|
||||||
|
if trail.KmsKeyId == nil {
|
||||||
|
kmsKeyIdInString = ""
|
||||||
|
} else {
|
||||||
|
kmsKeyIdInString = *trail.KmsKeyId
|
||||||
|
}
|
||||||
|
|
||||||
|
if kmsKeyIdInString != desired {
|
||||||
|
return fmt.Errorf("Expected KMS Key ID %q to equal %q",
|
||||||
|
*trail.KmsKeyId, desired)
|
||||||
|
}
|
||||||
|
|
||||||
|
kmsKeyId, ok := rs.Primary.Attributes["kms_key_id"]
|
||||||
|
if desired != "" && !ok {
|
||||||
|
return fmt.Errorf("No kms_key_id attribute defined for %s", n)
|
||||||
|
}
|
||||||
|
if kmsKeyId != desired {
|
||||||
|
return fmt.Errorf("Expected KMS Key ID %q, saved %q", desired, kmsKeyId)
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func testAccCheckAWSCloudTrailDestroy(s *terraform.State) error {
|
func testAccCheckAWSCloudTrailDestroy(s *terraform.State) error {
|
||||||
conn := testAccProvider.Meta().(*AWSClient).cloudtrailconn
|
conn := testAccProvider.Meta().(*AWSClient).cloudtrailconn
|
||||||
|
|
||||||
|
@ -299,3 +418,83 @@ resource "aws_s3_bucket" "foo" {
|
||||||
POLICY
|
POLICY
|
||||||
}
|
}
|
||||||
`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
|
`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
|
||||||
|
|
||||||
|
var testAccAWSCloudTrailConfig_logValidation = fmt.Sprintf(`
|
||||||
|
resource "aws_cloudtrail" "foobar" {
|
||||||
|
name = "tf-acc-trail-log-validation-test"
|
||||||
|
s3_bucket_name = "${aws_s3_bucket.foo.id}"
|
||||||
|
is_multi_region_trail = true
|
||||||
|
include_global_service_events = true
|
||||||
|
enable_log_file_validation = true
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_s3_bucket" "foo" {
|
||||||
|
bucket = "tf-test-trail-%d"
|
||||||
|
force_destroy = true
|
||||||
|
policy = <<POLICY
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Sid": "AWSCloudTrailAclCheck",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": "*",
|
||||||
|
"Action": "s3:GetBucketAcl",
|
||||||
|
"Resource": "arn:aws:s3:::tf-test-trail-%d"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Sid": "AWSCloudTrailWrite",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": "*",
|
||||||
|
"Action": "s3:PutObject",
|
||||||
|
"Resource": "arn:aws:s3:::tf-test-trail-%d/*",
|
||||||
|
"Condition": {
|
||||||
|
"StringEquals": {
|
||||||
|
"s3:x-amz-acl": "bucket-owner-full-control"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
POLICY
|
||||||
|
}
|
||||||
|
`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
|
||||||
|
|
||||||
|
var testAccAWSCloudTrailConfig_logValidationModified = fmt.Sprintf(`
|
||||||
|
resource "aws_cloudtrail" "foobar" {
|
||||||
|
name = "tf-acc-trail-log-validation-test"
|
||||||
|
s3_bucket_name = "${aws_s3_bucket.foo.id}"
|
||||||
|
include_global_service_events = true
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_s3_bucket" "foo" {
|
||||||
|
bucket = "tf-test-trail-%d"
|
||||||
|
force_destroy = true
|
||||||
|
policy = <<POLICY
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Sid": "AWSCloudTrailAclCheck",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": "*",
|
||||||
|
"Action": "s3:GetBucketAcl",
|
||||||
|
"Resource": "arn:aws:s3:::tf-test-trail-%d"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Sid": "AWSCloudTrailWrite",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": "*",
|
||||||
|
"Action": "s3:PutObject",
|
||||||
|
"Resource": "arn:aws:s3:::tf-test-trail-%d/*",
|
||||||
|
"Condition": {
|
||||||
|
"StringEquals": {
|
||||||
|
"s3:x-amz-acl": "bucket-owner-full-control"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
POLICY
|
||||||
|
}
|
||||||
|
`, cloudTrailRandInt, cloudTrailRandInt, cloudTrailRandInt)
|
||||||
|
|
|
@ -75,9 +75,14 @@ The following arguments are supported:
|
||||||
region or in all regions. Defaults to `false`.
|
region or in all regions. Defaults to `false`.
|
||||||
* `sns_topic_name` - (Optional) Specifies the name of the Amazon SNS topic
|
* `sns_topic_name` - (Optional) Specifies the name of the Amazon SNS topic
|
||||||
defined for notification of log file delivery.
|
defined for notification of log file delivery.
|
||||||
|
* `enable_log_file_validation` - (Optional) Specifies whether log file integrity validation is enabled.
|
||||||
|
Defaults to `false`.
|
||||||
|
* `kms_key_id` - (Optional) Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail.
|
||||||
|
|
||||||
## Attribute Reference
|
## Attribute Reference
|
||||||
|
|
||||||
The following attributes are exported:
|
The following attributes are exported:
|
||||||
|
|
||||||
* `id` - The name of the trail.
|
* `id` - The name of the trail.
|
||||||
|
* `home_region` - The region in which the trail was created.
|
||||||
|
* `arn` - The Amazon Resource Name of the trail.
|
||||||
|
|
Loading…
Reference in New Issue