CloudTrail has no SNS topic name configured

ID

aws_cloudtrail_sns_topic_name

Severity

low

Vendor

AWS

Resource

Logging

Tags

non-reachable

Description

CloudTrail has no SNS topic name configured. Ensure that your CloudTrail is configured to use an active SNS topic so that you receive a notification for every log file delivery made to the associated target.

To fix it, configure the sns_topic_name property.

Learn more about this topic at AWS SNS notifications.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: cloudtrail
      amazon.aws.cloudtrail:
        state: present
        name: default
        s3_bucket_name: mylogbucket
        s3_key_prefix: cloudtrail
        region: us-east-1

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: cloudtrail
      amazon.aws.cloudtrail:
        state: present
        name: default
        s3_bucket_name: mylogbucket
        s3_key_prefix: cloudtrail
        region: us-east-1
        sns_topic_name: topic_name
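
The check described on this page, sketched as an added example (not the scanner's own code). It takes a playbook already parsed into Python objects, as yaml.safe_load would return it; the function names, the set of module names and the sample data are assumptions made for illustration.

```python
# Added example: flags cloudtrail tasks that create or update a trail
# without a usable sns_topic_name. Input is an already parsed playbook.

# Names under which the module may appear in a task (assumed set; extend as needed).
CLOUDTRAIL_MODULES = {"amazon.aws.cloudtrail", "community.aws.cloudtrail", "cloudtrail"}
NESTED_KEYS = ("block", "rescue", "always")


def iter_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks or []:
        if not isinstance(task, dict):
            continue
        yield task
        for key in NESTED_KEYS:
            yield from iter_tasks(task.get(key))


def find_trails_without_sns(playbook):
    """Return (play name, task name) for cloudtrail tasks lacking sns_topic_name."""
    findings = []
    for play in playbook or []:
        for section in ("pre_tasks", "tasks", "post_tasks", "handlers"):
            for task in iter_tasks(play.get(section)):
                for module in CLOUDTRAIL_MODULES & task.keys():
                    args = task[module] if isinstance(task[module], dict) else {}
                    if args.get("state", "present") == "absent":
                        continue  # a trail being deleted needs no topic
                    topic = args.get("sns_topic_name")
                    # Missing, null or blank values all count as "not configured".
                    if not (isinstance(topic, str) and topic.strip()):
                        findings.append((play.get("name"), task.get("name")))
    return findings


# The page's two playbooks as parsed structures (constructed sample input).
BASE = {"state": "present", "name": "default", "s3_bucket_name": "mylogbucket",
        "s3_key_prefix": "cloudtrail", "region": "us-east-1"}
FAILING = [{"name": "Example playbook", "hosts": "localhost",
            "tasks": [{"name": "cloudtrail", "amazon.aws.cloudtrail": dict(BASE)}]}]
PASSING = [{"name": "Example playbook", "hosts": "localhost",
            "tasks": [{"name": "cloudtrail",
                       "amazon.aws.cloudtrail": dict(BASE, sns_topic_name="topic_name")}]}]

if __name__ == "__main__":
    print("Examples:", find_trails_without_sns(FAILING))
    print("Mitigation / Fix:", find_trails_without_sns(PASSING))
```

A templated value such as "{{ topic }}" is treated as configured, since it cannot be resolved statically.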