Ensure Alibaba Cloud Action Trail logging across all regions

ActionTrail allows you to create up to five trails in each region to deliver events to OSS buckets and Log Service Logstores. This helps you track different types of events generated in different regions and back up various types of audit data for organization members based on their responsibilities.

Suggest Edits

Risk Level: medium
Platform: Alicloud
Spectral Rule ID: TFALCLD001

REMEDIATION

in alicloud_actiontrail_trail[%s], set trail_region and event_rw to 'All', and set a name to oss_bucket_name

- event_rw           = "Write"
+ event_rw           = "All"

- trail_region       = "cn-beijing"
+ trail_region       = "All"

+ oss_bucket_name    = "bucket_name"

https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/actiontrail_trail#trail_region
https://www.alibabacloud.com/help/doc-detail/28829.html

Updated about 1 year ago

REMEDIATION

Read more: