update to indicate started actions

terraform · Jan 5, 2026 · 36ae9ce · 36ae9ce
1 parent 58dfd52
commit 36ae9ce
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/aws/proposals/cloudtrail/README.md b/aws/proposals/cloudtrail/README.md
@@ -20,15 +20,33 @@ As such, we asked AI about what this means, if we can reduce cost, and if we los
 
 What we plan to do:
 
-1. Remove all the non-org cloudtrails from every account and region (other than the one disconnected from our organization, used for the OpenData project).
-1. Remove the cloudtrail setup from the baseline (objectlogging is already removed from the baseline).
+1. Remove all the non-org cloudtrails from every account and region (other than the one disconnected from our organization, used for the OpenData project). [DONE]
+1. Remove the cloudtrail setup from the baseline (objectlogging is already removed from the baseline). [DONE]
 1. Remove the objectlog cloudtrail configuration from each account and region.
 1. Remove the redundant local account cloudtrail configuration from each account and region.
 1. Remove the associated S3 buckets for these cloudtrails (as they are copied into the org trail, and Sentinel is maintaining that).
 
 To further help keep costs down, we will be adding a lifecycle rule to the Organization CloudTrail bucket, moving data after 30 days to IA, after 90 days to Glacier,
 and then deleting from Glacier after 18 months.
 
+## Actions
+
+We have started this process.  As of 2026-01-02, all non-organization trails have been disabled.  The table below shows the number of trails stopped (and those which
+had already been stopped, primarily the inf-objectlogging trails).
+
+| Organization | trails stopped | trails previously stopped |
+|--------------+----------------+---------------------------+
+| ent-gov | 348 | 184 | 
+| ent-ew | 554 | 342 | 
+| lab-gov | 41 | 0 |
+| TOTAL | 943 | 526
+
+A grand total of 1469 trails exist and are stopped.  The cleanup of this will take some time, but it will be started immediatley.
+
+The first full day of trails being off showed a cost of $110 (1-3).  A prior day that week, 12-29, showed a cost of $860.  This is a savings of $750. It is
+likely that our total savings will not always be $750/day, but our 2025 cost for CloudTrail was $212,516, an average of $17,709 per month and $582 per day.
+CloudTrail is usage based, so as more stuff is used, more cost will be incurred.
+
 ## Prompt
 
 > I have a large AWS environment.  My cloudtrail costs are quite high. In each account and region I have a cloudtrail defined.  
@@ -87,3 +105,6 @@ To optimize costs while maintaining local visibility:
 
 * 1.0.0 -- 2025-12-30
   - initial
+
+* 1.0.1 -- 2026-01-05
+  - add