Skills
skills/aws/agent-toolkit-for-aws/setting-up-cloudtrail-multi-region/Gen Agent Trust Hub

setting-up-cloudtrail-multi-region

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • Standard AWS CLI Operations: The skill utilizes aws cloudtrail, aws s3api, and aws logs commands to provision security infrastructure. These are standard management operations for AWS environments.
  • Security Configuration Best Practices: The instructions include enabling log file validation, S3 versioning, lifecycle policies, and KMS encryption, which are recommended configurations for maintaining a secure audit trail.
  • IAM Role Orchestration: The skill creates a specialized IAM role to allow CloudTrail to write to CloudWatch Logs. It correctly advises against using broad permissions and provides guidance on the specific actions required for the setup.
  • Operational Monitoring: It includes CloudWatch Logs Insights query templates for detecting sensitive activities like root account usage or IAM policy changes, enhancing the security posture of the AWS account.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 02:36 AM