How to do it...

We can create a trail in CloudTrail as follows:

  1. Log in to the CloudTrail service in the console.
  2. Click on Trails from the left sidebar.
  3. Click on Create trail.
  4. Set a meaningful name for the Trail name. For Apply trail to all regions, select Yes:

If you are following this recipe from an AWS Organizations master account, you will also see the option to Apply trail to my organization. If you want to enable CloudTrail for all accounts within an Organization and use the current account as the master log account, set the option to Yes. For more details on cross-account CloudTrail logging, refer to the Cross-account CloudTrail logging ...

Get AWS Security Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.