Why This Happens
There are two common reasons the CloudTrail connection might fail:
No CloudTrail trails exist in the AWS account
The required IAM permissions are missing from the connected role
Both are required for the platform to collect audit trail data successfully.
What You Need to Do
Step 1: Check if Trails Exist
1. Open the AWS CloudTrail console
2. Confirm whether any trails are listed
3. If you're unsure, take a screenshot of the dashboard to review
If no trails are present, the connection will fail because there’s no data to pull.
Next steps:
If audit logging isn’t needed, you can ignore CloudTrail for this account
Otherwise, create a new trail in CloudTrail, then return to the platform and try reconnecting
Step 2: Check Role Permissions
If trails do exist, check the IAM permissions:
1. Go to IAM > Roles in the AWS Console
2. Select the Scytale_ReadOnly role
3. Ensure the SecurityAudit managed policy is attached
This policy is essential for reading CloudTrail settings and events.
Without it, the connection can’t be completed—even if a trail is configured.
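The two checks above can be scripted. The following is an added example, not part of this article or the platform's own tooling; it assumes the response shapes returned by boto3's cloudtrail.describe_trails() and iam.list_attached_role_policies(), and the sample responses are constructed so the checks run offline.

```python
"""Diagnose the two CloudTrail connection failures described in this article.

Assumption (not from the article): the response dicts follow the shapes
returned by boto3's describe_trails() and list_attached_role_policies().
"""
ROLE_NAME = "Scytale_ReadOnly"                                 # role named in the article
SECURITY_AUDIT_ARN = "arn:aws:iam::aws:policy/SecurityAudit"   # AWS managed policy

def trails_present(describe_trails_response):
    """Step 1: True if the account has at least one trail listed."""
    return len(describe_trails_response.get("trailList", [])) > 0

def security_audit_attached(attached_policies_response):
    """Step 2: True if the SecurityAudit managed policy is attached to the role."""
    arns = {p.get("PolicyArn") for p in attached_policies_response.get("AttachedPolicies", [])}
    return SECURITY_AUDIT_ARN in arns

def diagnose(describe_trails_response, attached_policies_response):
    """Return a verdict in the order the article checks: trails first, then the role."""
    if not trails_present(describe_trails_response):
        return "no-trails"                 # nothing for the platform to pull
    if not security_audit_attached(attached_policies_response):
        return "missing-security-audit"    # role cannot read CloudTrail settings/events
    return "ok"

# Constructed sample responses for an offline run (not real account data).
SAMPLE_NO_TRAILS = {"trailList": []}
SAMPLE_ONE_TRAIL = {"trailList": [{"Name": "example-trail", "IsMultiRegionTrail": True}]}
SAMPLE_NO_POLICY = {"AttachedPolicies": [
    {"PolicyName": "ReadOnlyAccess", "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}]}
SAMPLE_WITH_POLICY = {"AttachedPolicies": [
    {"PolicyName": "SecurityAudit", "PolicyArn": SECURITY_AUDIT_ARN}]}

def diagnose_live(role_name=ROLE_NAME):
    """Run the same checks against a real account (needs boto3 and AWS credentials)."""
    import boto3  # imported here so the offline helpers work without boto3 installed
    trails = boto3.client("cloudtrail").describe_trails(includeShadowTrails=True)
    policies = boto3.client("iam").list_attached_role_policies(RoleName=role_name)
    return diagnose(trails, policies)

if __name__ == "__main__":
    for label, t, p in [("no trails", SAMPLE_NO_TRAILS, SAMPLE_WITH_POLICY),
                        ("no policy", SAMPLE_ONE_TRAIL, SAMPLE_NO_POLICY),
                        ("healthy", SAMPLE_ONE_TRAIL, SAMPLE_WITH_POLICY)]:
        print(f"{label}: {diagnose(t, p)}")
```

list_attached_role_policies is paginated, so a role with many attached policies would need the Marker loop; for a single read-only role the first page is normally enough.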
