feat(cloudtrail): add configuration for IsOrganizationTrail

[daschaa]

Fixes #21578

Please add pr-linter/exempt-readme label since this property needs no entry in the README imho.

---

All Submissions:

• Have you followed the guidelines in our Contributing guide?

Adding new Unconventional Dependencies:

• This PR adds new unconventional dependencies following the process described here

New Features

• Have you added the new feature to an integration test?
  • Did you use yarn integ to deploy the infrastructure and generate the snapshot (i.e. yarn integ without --dry-run)?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[gitpod-io]

[TheRealAmazonKendra]

I think I would actually like a README update on this because the CloudFormation documentation isn't clear enough. I would have been inclined to agree with you if it hadn't taken me multiple times reading it to understand what the actual behavior was.

[TheRealAmazonKendra]

What's the behavior here if the account isn't the owner of an organization and this gets set to true? Does it just fail silently? If so, do we have a way to validate that the account is actually the owner of an organization?

Pull request has been modified.

[daschaa]

@TheRealAmazonKendra I have added an entry in the README, updated the docstring and implemented your suggestion to not use the ?? false operator. Thanks for your valuable feedback!
Regarding the check if an account manages an organization, i did not find anything that could solve this problem. Do you know any way to check this?

[TheRealAmazonKendra]

@TheRealAmazonKendra I have added an entry in the README, updated the docstring and implemented your suggestion to not use the ?? false operator. Thanks for your valuable feedback! Regarding the check if an account manages an organization, i did not find anything that could solve this problem. Do you know any way to check this?

I'm not sure that there is a good way without introducing a LOT of extra complexity to this.

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 3b8ffe0
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).