How To Create CloudTrail In AWS Organization

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we discussed how to create regional and global trails in AWS CloudTrail.

https://cloudaffaire.com/how-to-create-a-new-trail-in-aws-cloudtrail/

In today's blog post, we will discuss how to create a CloudTrail trail in an AWS Organization. If you have created an organization in AWS Organizations, you can also create a trail that logs all events for all AWS accounts in that organization. This is referred to as an organization trail. Organization trails can apply to all AWS Regions or to one Region.

How To Create CloudTrail In AWS Organization:

Prerequisites:

  • AWS CLI installed and configured with proper access. You can use the links below to install and configure the AWS CLI.

https://cloudaffaire.com/how-to-install-aws-cli/

https://cloudaffaire.com/how-to-configure-aws-cli/

  • An AWS Organization with multiple member accounts. You can use the link below to create your first AWS Organization.

https://cloudaffaire.com/how-to-manage-aws-organization-using-api/

Step 1: Check if CloudTrail is enabled as a trusted service in your organization

Step 2: Enable CloudTrail as a trusted service in your AWS organization (If not enabled already)

Step 3: Create an S3 bucket in your organization's management account with the required bucket policy.

Step 4: Create an Organizational CloudTrail Using AWS CLI

Observe that although we have created the trail at the organization level, logging has not yet started. Next, we will enable logging for the trail.

Step 5: Enable logging for your organizational CloudTrail.

Observe that when you enable CloudTrail at the organization level, CloudTrail creates the bucket prefix below to store your logs:

<your_s3_bucket>/AWSLogs/<your_organization_id>/<management|member_account_id>/

Step 6: View your organizational CloudTrail logs

We have successfully created a trail in our organization and enabled CloudTrail logging for all the member accounts in the organization. Next, we will delete all the resources created in this blog post.

Step 7: Clean-up
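The seven steps above gathered into one script, as an added example (my own, not the post's commands): a function that emits the bucket policy an organization trail needs, and a guarded function that runs the AWS CLI calls for steps 1 to 7. It assumes the AWS CLI is configured for the management account, and that BUCKET, MGMT_ACCOUNT and ORG_ID are placeholders you replace with your own values.

```shell
#!/bin/sh
# Added example, not the post's own commands. Assumes the AWS CLI is configured
# for the management account; BUCKET, MGMT_ACCOUNT and ORG_ID are placeholders.
set -eu

# Policy an organization trail's bucket needs: CloudTrail may read the bucket
# ACL and write under BOTH the management-account and organization-id prefixes.
org_trail_bucket_policy() {
  bucket="$1"; mgmt_account="$2"; org_id="$3"
  cat <<EOF
{"Version":"2012-10-17","Statement":[
 {"Sid":"AWSCloudTrailAclCheck","Effect":"Allow",
  "Principal":{"Service":"cloudtrail.amazonaws.com"},
  "Action":"s3:GetBucketAcl","Resource":"arn:aws:s3:::${bucket}"},
 {"Sid":"AWSCloudTrailWrite","Effect":"Allow",
  "Principal":{"Service":"cloudtrail.amazonaws.com"},"Action":"s3:PutObject",
  "Resource":["arn:aws:s3:::${bucket}/AWSLogs/${mgmt_account}/*",
              "arn:aws:s3:::${bucket}/AWSLogs/${org_id}/*"],
  "Condition":{"StringEquals":{"s3:x-amz-acl":"bucket-owner-full-control"}}}]}
EOF
}

# Steps 1-7 as AWS CLI calls; only runs when the script is invoked with "run".
run_org_trail_demo() {
  bucket="$1"; mgmt_account="$2"; org_id="$3"; trail="org-trail"
  # Steps 1-2: enable CloudTrail as a trusted service if it is not already.
  aws organizations list-aws-service-access-for-organization \
    --query 'EnabledServicePrincipals[].ServicePrincipal' --output text \
    | grep -q cloudtrail.amazonaws.com || aws organizations \
    enable-aws-service-access --service-principal cloudtrail.amazonaws.com
  # Step 3: bucket plus policy (add --create-bucket-configuration outside us-east-1).
  aws s3api create-bucket --bucket "$bucket"
  aws s3api put-bucket-policy --bucket "$bucket" \
    --policy "$(org_trail_bucket_policy "$bucket" "$mgmt_account" "$org_id")"
  # Steps 4-5: create the organization trail, then start logging explicitly,
  # because create-trail alone does not deliver any log files.
  aws cloudtrail create-trail --name "$trail" --s3-bucket-name "$bucket" \
    --is-organization-trail --is-multi-region-trail
  aws cloudtrail start-logging --name "$trail"
  # Step 6: member-account logs land under the organization-id prefix.
  aws s3 ls "s3://${bucket}/AWSLogs/${org_id}/"
  # Step 7: clean-up (delete the trail first, then the bucket and its objects).
  aws cloudtrail delete-trail --name "$trail"
  aws s3 rb "s3://${bucket}" --force
}

if [ "${1:-}" = run ]; then
  run_org_trail_demo "$BUCKET" "$MGMT_ACCOUNT" "$ORG_ID"
fi
```

Run it as `BUCKET=... MGMT_ACCOUNT=... ORG_ID=... sh script.sh run`; without the `run` argument it only defines the functions, so you can source it and inspect the generated policy first.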

Hope you have enjoyed this article. To know more about AWS CloudTrail, please refer to the official documentation below:

https://docs.aws.amazon.com/cloudtrail/index.html
