AWS Org CloudTrail - Member Account Not Added Automatically
CloudTrail has been set up to log all member accounts under AWS Organizations. A new account was created; however, the trail is not visible from the member account and nothing is being logged. Does anyone know where to look to understand why this new account is not associated with the main CloudTrail that was set up to do logging for all member accounts?
When you added the new member account to the org, the trail was NOT added to the account? If the trail has been enabled in the admin account of the org with IsOrganizationTrail true, the trail should be automatically added to new member accounts at the same time as the accounts are created.
Did you set up any SCPs? (e.g. Deny create-trail)
If SCPs were blocking create-trail, would removing this automatically fix the issue, or are further steps required?
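An added example, not part of the thread: a small offline check for the two conditions raised in the answer above, namely whether a trail has IsOrganizationTrail set and whether any SCP has a Deny statement covering cloudtrail:CreateTrail. The trail names, policy names and policy contents are constructed samples; the data shapes follow `aws cloudtrail describe-trails` output and the SCP JSON document format.

```python
import fnmatch

# Constructed sample shaped like `aws cloudtrail describe-trails` output.
TRAILS = {"trailList": [
    {"Name": "org-trail", "IsOrganizationTrail": True},
    {"Name": "legacy-trail", "IsOrganizationTrail": False},
]}

# Constructed SCP documents keyed by made-up policy names.
SCPS = {
    "allow-all": {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]},
    "protect-logging": {"Statement": [
        {"Sid": "NoTrailChanges", "Effect": "Deny",
         "Action": ["cloudtrail:Create*", "cloudtrail:DeleteTrail"], "Resource": "*"}]},
    "service-guard": {"Statement": {"Effect": "Deny", "NotAction": ["iam:*", "sts:*"],
                                    "Resource": "*"}},
}

def as_list(value):
    return value if isinstance(value, list) else [value]

def matches(action, patterns):
    # IAM action names are case-insensitive; * and ? are wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def scp_denies(policy, action):
    """Labels of Deny statements whose Action/NotAction covers `action`.
    Resource and Condition are not evaluated, so a hit means 'review this'."""
    hits = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Deny":
            continue
        if "Action" in stmt:
            covered = matches(action, as_list(stmt["Action"]))
        elif "NotAction" in stmt:
            covered = not matches(action, as_list(stmt["NotAction"]))
        else:
            covered = False
        if covered:
            hits.append(stmt.get("Sid", f"statement-{i}"))
    return hits

def diagnose(trails, scps, action="cloudtrail:CreateTrail"):
    findings = [f"trail {t['Name']}: IsOrganizationTrail is false"
                for t in trails.get("trailList", []) if not t.get("IsOrganizationTrail")]
    for name, policy in scps.items():
        findings += [f"SCP {name}: {sid} covers {action}"
                     for sid in scp_denies(policy, action)]
    return findings

if __name__ == "__main__":
    print("\n".join(diagnose(TRAILS, SCPS)))
```

To run it against a real organization, replace the two sample dictionaries with the parsed output of `aws cloudtrail describe-trails` and the policy content returned by `aws organizations describe-policy` for each attached SCP.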