21 Days of AWS using Terraform — Day 12- Introduction to CloudTrail using Terraform

Welcome to Day 12 of 21 Days of AWS using Terraform. The topic for today is Introduction to CloudTrail using Terraform

What Is AWS CloudTrail?

AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.

  • It’s enabled when the account is created(for 7 days)
  • When activity occurs in your AWS account, that activity is recorded in a CloudTrail event.
  • Entries can be viewed in Event History(for 90 days)
  • Event logs can be aggregated across accounts and regions.


  • Historically CloudTrail was not enabled by default
  • It won’t logs events like SSH/RDP only API call.
CloudTrail Dashboard(Most Recent Events)

Reference: https://aws.amazon.com/blogs/aws/new-aws-api-activity-lookup-in-cloudtrail/

For an ongoing record of activity and events in your AWS account, create a trail. It allows us to send logs to S3 bucket and can be single or multi-region.

To create a trail

To read the complete blog

GitHub Link


Looking forward for you guys to join this journey

AWS Community Builder, Ex-Redhat, Author, Blogger, YouTuber, RHCA, RHCDS, RHCE, Docker Certified,4XAWS, CCNA, MCP, Certified Jenkins, Terraform Certified, 1XGCP