diff --git a/cloudtrail/README.md b/cloudtrail/README.md
index 99eea12..a5227ef 100644
--- a/cloudtrail/README.md
+++ b/cloudtrail/README.md
@@ -101,6 +101,7 @@ No modules.
 | [account\_id](#input\_account\_id) | AWS Account ID (default will pull from current user) | `string` | `""` | no |
 | [cloudtrail\_bucket\_prefix](#input\_cloudtrail\_bucket\_prefix) | Access log bucket prefix, to which the bucket name will be appended to make the target\_prefix | `string` | `"cloudtrail"` | no |
 | [component\_tags](#input\_component\_tags) | Additional tags for Components (s3, kms, ddb) | `map(map(string))` |
{
"ddb": {},
"kms": {},
"s3": {}
} | no |
+| [enable\_organization](#input\_enable\_organization) | Enable CloudTrail as an organization trail. This will only work in the organization master account | `bool` | `false` | no |
| [enable\_sns](#input\_enable\_sns) | Flag to enable or disable the creation of SNS for Cloudtrail (TBD) | `bool` | `false` | no |
| [enable\_sqs](#input\_enable\_sqs) | Flag to enable or disable the creation of SQS attached to SNS for Cloudtrail, used for Splunk ingestion (TBD) | `bool` | `false` | no |
| [kms\_key\_arn](#input\_kms\_key\_arn) | AWS CloudTrail KMS ARN to be used for encrypting the ClouldTrail, S3 Bucket, and SQS | `string` | n/a | yes |
diff --git a/cloudtrail/main.tf b/cloudtrail/main.tf
index 9228d37..4cf1853 100644
--- a/cloudtrail/main.tf
+++ b/cloudtrail/main.tf
@@ -54,7 +54,8 @@ locals {
account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
partition = data.aws_arn.current.partition
- name = var.name == null ? format("%v-%v", lookup(local._defaults["cloudtrail"], "name"), local.region) : var.name
+ _name = var.name == null ? format("%v-%v", lookup(local._defaults["cloudtrail"], "name"), local.region) : var.name
+ name = var.enable_organization ? lookup(local._defaults["org_cloudtrail"], "name") : local._name
kms_key_name = format("k-%v", local.name)
kms_admin_root = format("arn:%v:iam::%v:root", local.partition, local.account_id)
# kms_admin_roles = compact(concat([var.kms_admin_root], var.kms_admin_roles))
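Review bot: When `enable_organization` is true, the new `name` local discards an explicitly supplied `var.name` and always takes the `org_cloudtrail` default, so the existing name override silently stops working for organization trails; `name = var.enable_organization && var.name == null ? lookup(local._defaults["org_cloudtrail"], "name") : local._name` would keep the caller's choice while still defaulting sensibly. The `lookup` also assumes `local._defaults` carries an `org_cloudtrail` entry with a `name` key, which is not visible in this hunk — if it is absent, the plan fails instead of falling back. Renaming the trail is only the naming half of an organization trail: the `aws_cloudtrail` resource, the S3 bucket policy and the KMS key policy must also permit CloudTrail to deliver and encrypt member-account logs, and I cannot confirm from this hunk that those are updated alongside `local.name`. The `locals` block starts and ends outside the hunk.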
diff --git a/cloudtrail/variables.tf b/cloudtrail/variables.tf
index 3775f86..c588afb 100644
--- a/cloudtrail/variables.tf
+++ b/cloudtrail/variables.tf
@@ -72,3 +72,9 @@ variable "component_tags" {
default = { "s3" = {}, "kms" = {}, "ddb" = {} }
}
+
+variable "enable_organization" {
+ description = "Enable CloudTrail as an organization trail. This will only work in the organization master account"
+ type = bool
+ default = false
+}