Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using service-linked roles for CloudTrail

Amazon CloudTrail uses Amazon Identity and Access Management (IAM) service-linked roles. A service-linked role is a unique type of IAM role that is linked directly to CloudTrail. Service-linked roles are predefined by CloudTrail and include all the permissions that the service requires to call other Amazon services on your behalf.

Supported Regions for CloudTrail service-linked roles

CloudTrail supports using service-linked roles in all of the Amazon Web Services Regions where CloudTrail and Organizations are both available. For more information, see Amazon Regions and endpoints in the Amazon Web Services General Reference.

Supported Regions for CloudTrail service-linked roles

CloudTrail supports using service-linked roles in all of the Regions where CloudTrail and EventBridge are available. For more information, see Amazon Regions and endpoints.