[Enhancement]: Dedicated resource for CloudTrail event selectors

[sebolabs]

Description

Currently, there's a single aws_cloudtrail resource for managing the trail configuration including data, insights and network activity events. However, there are use cases where we want to detach the trail creation itself from data events configuration that could be spread across different modules to be close to their corresponding data sources. Going for all buckets every time is not a solution because of many reasons, and especially now when there's that advanced event selector allowing for more granular set-up targeting specific logging requirements.
Considering AWS allows for up to 5 trails in a single AWS account (hard limit), it's required to plan the usage of CloudTrail accordingly and it usually results in having static references to buckets when not going for all of them.

When you check the CloudTrail API reference there's:

• CreateTrail
• PutEventSelectors
• PutInsightSelectors
• etc.

and so it should be possible to implement that improvement.
At the same time, I think it would be worth adding an aws_cloudtrail data source.

Affected Resource(s) and/or Data Source(s)

aws_cloudtrail

Potential Terraform Configuration

No response

References

• AWS CloudTrail API operations
• CreateTrail
• PutEventSelectors
• PutInsightSelectors

Would you like to implement a fix?

No

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.