Skip to main content
← back to extensions

@swamp/aws/cloudtrail

v2026.04.23.3

AWS CLOUDTRAIL infrastructure models

Repository

https://github.com/systeminit/swamp-extensions

Platforms

linux-x86_64linux-aarch64darwin-x86_64darwin-aarch64

Labels

awscloudtrailcloudinfrastructure

Contents

models

Quality score

Verified by Swamp

How well-documented and verifiable this extension is.

100%

Grade A

  • Has README or module doc2/2earned
  • README has a code example1/1earned
  • README is substantive1/1earned
  • Most symbols documented1/1earned
  • No slow types1/1earned
  • Has description1/1earned
  • At least one platform tag (or universal)1/1earned
  • Two or more platform tags (or universal)1/1earned
  • License declared1/1earned
  • Verified public repository2/2earned

Install

$ swamp extension pull @swamp/aws/cloudtrail

@swamp/aws/cloudtrail/channelv2026.04.23.2channel.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
Name?stringThe name of the channel.
Source?stringThe ARN of an on-premises storage solution or application, or a partner event source.
Destinations?arrayOne or more resources to which events arriving through a channel are logged and stored.
Tags?arrayAn array of key-value pairs to apply to this resource.
createCreate a CloudTrail Channel
getGet a CloudTrail Channel
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Channel
updateUpdate a CloudTrail Channel
deleteDelete a CloudTrail Channel
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Channel
syncSync CloudTrail Channel state from AWS

Resources

state(infinite)— CloudTrail Channel resource state
@swamp/aws/cloudtrail/dashboardv2026.04.23.2dashboard.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
Widgets?arrayList of widgets on the dashboard
RefreshSchedule?objectConfigures the automatic refresh schedule for the dashboard. Includes the frequency unit (DAYS or HOURS) and value, as well as the status (ENABLED or DISABLED) of the refresh schedule.
Name?stringThe name of the dashboard.
TerminationProtectionEnabled?booleanIndicates whether the dashboard is protected from termination.
Tags?array
createCreate a CloudTrail Dashboard
getGet a CloudTrail Dashboard
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Dashboard
updateUpdate a CloudTrail Dashboard
deleteDelete a CloudTrail Dashboard
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Dashboard
syncSync CloudTrail Dashboard state from AWS

Resources

state(infinite)— CloudTrail Dashboard resource state
@swamp/aws/cloudtrail/event-data-storev2026.04.23.2event_data_store.ts

Global Arguments

ArgumentTypeDescription
namestringInstance name for this resource (used as the unique identifier in the factory pattern)
AdvancedEventSelectors?arrayThe advanced event selectors that were used to select events for the data store.
FederationEnabled?booleanIndicates whether federation is enabled on an event data store.
FederationRoleArn?stringThe ARN of the role used for event data store federation.
MultiRegionEnabled?booleanIndicates whether the event data store includes events from all regions, or only from the region in which it was created.
Name?stringThe name of the event data store.
OrganizationEnabled?booleanIndicates that an event data store is collecting logged events for an organization.
BillingMode?stringThe mode that the event data store will use to charge for event storage.
RetentionPeriod?numberThe retention period, in days.
TerminationProtectionEnabled?booleanIndicates whether the event data store is protected from termination.
KmsKeyId?stringSpecifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
Tags?array
InsightSelectors?arrayLets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store.
InsightsDestination?stringSpecifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store
MaxEventSize?enumSpecifies the maximum size allowed for the event. Valid values are Standard and Large. If you add ContextKeySelectors, this value must be set to Large.
ContextKeySelectors?arrayAn array that enriches event records in an existing event data store by including additional information specified in individual ContexKeySelector entries. If you add ContextKeySelectors, you must set MaxEventSize to Large.
IngestionEnabled?booleanIndicates whether the event data store is ingesting events.
createCreate a CloudTrail EventDataStore
getGet a CloudTrail EventDataStore
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail EventDataStore
updateUpdate a CloudTrail EventDataStore
deleteDelete a CloudTrail EventDataStore
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail EventDataStore
syncSync CloudTrail EventDataStore state from AWS

Resources

state(infinite)— CloudTrail EventDataStore resource state
@swamp/aws/cloudtrail/resource-policyv2026.04.23.2resource_policy.ts

Global Arguments

ArgumentTypeDescription
ResourceArnstringThe ARN of the AWS CloudTrail resource to which the policy applies.
ResourcePolicystringA policy document containing permissions to add to the specified resource. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.
createCreate a CloudTrail ResourcePolicy
getGet a CloudTrail ResourcePolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail ResourcePolicy
updateUpdate a CloudTrail ResourcePolicy
deleteDelete a CloudTrail ResourcePolicy
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail ResourcePolicy
syncSync CloudTrail ResourcePolicy state from AWS

Resources

state(infinite)— CloudTrail ResourcePolicy resource state
@swamp/aws/cloudtrail/trailv2026.04.23.2trail.ts

Global Arguments

ArgumentTypeDescription
IncludeGlobalServiceEvents?booleanSpecifies whether the trail is publishing events from global services such as IAM to the log files.
EventSelectors?arrayUse event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log th
KMSKeyId?stringSpecifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.
AggregationConfigurations?arraySpecifies the aggregation configuration to aggregate CloudTrail Events. A maximum of 1 aggregation configuration is allowed.
CloudWatchLogsRoleArn?stringSpecifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group.
S3KeyPrefix?stringSpecifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters.
AdvancedEventSelectors?arrayThe advanced event selectors that were used to select events for the data store.
TrailName?string
IsOrganizationTrail?booleanSpecifies whether the trail is created for all accounts in an organization in AWS Organizations, or only for the current AWS account. The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the master account for an organization in AWS Organizations.
InsightSelectors?arrayLets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail.
CloudWatchLogsLogGroupArn?stringSpecifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn.
SnsTopicName?stringSpecifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.
IsMultiRegionTrail?booleanSpecifies whether the trail applies only to the current region or to all regions. The default is false. If the trail exists only in the current region and this value is set to true, shadow trails (replications of the trail) will be created in the other regions. If the trail exists in all regions and this value is set to false, the trail will remain in the region where it was created, and its shadow trails in other regions will be deleted. As a best practice, consider using trails that log events
S3BucketNamestringSpecifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements.
EnableLogFileValidation?booleanSpecifies whether log file validation is enabled. The default is false.
Tags?array
IsLoggingbooleanWhether the CloudTrail is currently logging AWS API calls.
createCreate a CloudTrail Trail
getGet a CloudTrail Trail
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Trail
updateUpdate a CloudTrail Trail
deleteDelete a CloudTrail Trail
ArgumentTypeDescription
identifierstringThe primary identifier of the CloudTrail Trail
syncSync CloudTrail Trail state from AWS

Resources

state(infinite)— CloudTrail Trail resource state