---
inputType: "CA10__CaAwsAccount__c"
testData:
  - file: "test-data.json"
conditions:
  - status: "COMPLIANT"
    currentStateMessage: "This AWS account has a multi-Region CloudTrail enabled."
    check:
      RELATED_LIST_HAS:
        status: "COMPLIANT"
        relationshipName: "CA10__AWS_CloudTrail_Trails__r"
otherwise:
  status: "INCOMPLIANT"
  currentStateMessage: "This AWS account does not have a multi-Region CloudTrail enabled."
relatedLists:
  - relationshipName: "CA10__AWS_CloudTrail_Trails__r"
    importExtracts:
    - file: "/types/CA10__CaAwsCloudTrailTrail__c/object.extracts.yaml"
    conditions:
      - status: "COMPLIANT"
        currentStateMessage: "This CloudTrail is multi-Region and logging."
        check:
          AND:
            args:
              - IS_EQUAL:
                  left:
                    EXTRACT: "CA10__multiRegionTrail__c"
                  right:
                    BOOLEAN: true
              - IS_EQUAL:
                  left:
                    EXTRACT: "CA10__isLogging__c"
                  right:
                    BOOLEAN: true
              - IS_EQUAL:
                  left:
                    EXTRACT: "caJsonText__eventSelectorsJsonReadWriteType__c"
                  right:
                    TEXT: "All"
              - IS_EQUAL:
                  left:
                    EXTRACT: "caJsonBoolean__eventSelectorsJsonIncludeManagementEvents__c"
                  right:
                    BOOLEAN: true
    otherwise:
      status: "INCOMPLIANT"
      currentStateMessage: "This CloudTrail is not multi-Region or not logging."
      remediationMessage: "Enable this CloudTrail as a multi-Region trail."