Configuring Cloud Trail
For create-trail command, specify
- –name specifies the name of the trail.
- –s3-bucket-name specifies the existing Amazon S3 bucket you created when you turned on CloudTrail in first account (111111111111 in this example).
- –s3-prefix specifies a prefix for the log file delivery path (optional).
- –is-multi-region-trail specifies that this trail will log events in all AWS Regions.
Log file prefix field
- enter same prefix you entered for storing log files when you turned on CloudTrail using account credentials.
- Edit bucket policy on destination bucket to allow CloudTrail to write log files to bucket using this new prefix.
CloudTrail Limits
| Resource | Default Limit | Comments |
| Trails per region | 5 | This limit cannot be increased. |
| Get, describe, and list APIs | 10 transactions per second (TPS) | The maximum number of operation requests you can make per second without being throttled. The LookupEvents API is not included in this category. This limit cannot be increased. |
| LookupEvents API | 2 transactions per second (TPS) | The maximum number of operation requests you can make per second without being throttled. This limit cannot be increased. |
| All other APIs | 1 transaction per second (TPS) | The maximum number of operation requests you can make per second without being throttled. This limit cannot be increased. |
| Event selectors | 5 per trail | This limit cannot be increased. |
| Data resources in event selectors | 250 across all event selectors in a trail | The total number of data resources cannot exceed 250 across all event selectors in a trail. The limit of number of resources on an individual event selector is configurable up to 250. This upper limit is allowed only if the total number of data resources does not exceed 250 across all event selectors. This limit cannot be increased. |
AWS Certified Solutions Architect Associate Free Practice TestTake a Quiz