AWS CloudTrail endpoints and quotas
To connect programmatically to an AWS service, you use an endpoint. AWS services offer the following endpoint types in some or all of the AWS Regions that the service supports: IPv4 endpoints, dual-stack endpoints, and FIPS endpoints. Some services provide global endpoints. For more information, see AWS service endpoints.
Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
The following are the service endpoints and service quotas for this service.
Service endpoints
Control plane endpoints
The following table contains AWS Region-specific endpoints that AWS CloudTrail supports for control plane operations. For more information, see the AWS CloudTrail API Reference.
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 |
cloudtrail.us-east-2.amazonaws.com cloudtrail-fips.us-east-2.amazonaws.com |
HTTPS HTTPS |
| US East (N. Virginia) | us-east-1 |
cloudtrail.us-east-1.amazonaws.com cloudtrail-fips.us-east-1.amazonaws.com |
HTTPS HTTPS |
| US West (N. California) | us-west-1 |
cloudtrail.us-west-1.amazonaws.com cloudtrail-fips.us-west-1.amazonaws.com |
HTTPS HTTPS |
| US West (Oregon) | us-west-2 |
cloudtrail.us-west-2.amazonaws.com cloudtrail-fips.us-west-2.amazonaws.com |
HTTPS HTTPS |
| Africa (Cape Town) | af-south-1 | cloudtrail.af-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Hong Kong) | ap-east-1 | cloudtrail.ap-east-1.amazonaws.com | HTTPS |
| Asia Pacific (Hyderabad) | ap-south-2 | cloudtrail.ap-south-2.amazonaws.com | HTTPS |
| Asia Pacific (Jakarta) | ap-southeast-3 | cloudtrail.ap-southeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Malaysia) | ap-southeast-5 | cloudtrail.ap-southeast-5.amazonaws.com | HTTPS |
| Asia Pacific (Melbourne) | ap-southeast-4 | cloudtrail.ap-southeast-4.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | cloudtrail.ap-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Osaka) | ap-northeast-3 | cloudtrail.ap-northeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | cloudtrail.ap-northeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | cloudtrail.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | cloudtrail.ap-southeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Thailand) | ap-southeast-7 | cloudtrail.ap-southeast-7.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | cloudtrail.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | cloudtrail.ca-central-1.amazonaws.com | HTTPS |
| Canada West (Calgary) | ca-west-1 | cloudtrail.ca-west-1.amazonaws.com | HTTPS |
| Europe (Frankfurt) | eu-central-1 | cloudtrail.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | cloudtrail.eu-west-1.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | cloudtrail.eu-west-2.amazonaws.com | HTTPS |
| Europe (Milan) | eu-south-1 | cloudtrail.eu-south-1.amazonaws.com | HTTPS |
| Europe (Paris) | eu-west-3 | cloudtrail.eu-west-3.amazonaws.com | HTTPS |
| Europe (Spain) | eu-south-2 | cloudtrail.eu-south-2.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | cloudtrail.eu-north-1.amazonaws.com | HTTPS |
| Europe (Zurich) | eu-central-2 | cloudtrail.eu-central-2.amazonaws.com | HTTPS |
| Israel (Tel Aviv) | il-central-1 | cloudtrail.il-central-1.amazonaws.com | HTTPS |
| Mexico (Central) | mx-central-1 | cloudtrail.mx-central-1.amazonaws.com | HTTPS |
| Middle East (Bahrain) | me-south-1 | cloudtrail.me-south-1.amazonaws.com | HTTPS |
| Middle East (UAE) | me-central-1 | cloudtrail.me-central-1.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | cloudtrail.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-East) | us-gov-east-1 | cloudtrail.us-gov-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 | cloudtrail.us-gov-west-1.amazonaws.com | HTTPS |
Data plane endpoints
The following table contains AWS Region-specific endpoints that AWS CloudTrail supports for data plane operations. For more information, see the AWS CloudTrail Data API Reference.
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 | cloudtrail-data.us-east-2.amazonaws.com | HTTPS |
| US East (N. Virginia) | us-east-1 | cloudtrail-data.us-east-1.amazonaws.com | HTTPS |
| US West (N. California) | us-west-1 | cloudtrail-data.us-west-1.amazonaws.com | HTTPS |
| US West (Oregon) | us-west-2 | cloudtrail-data.us-west-2.amazonaws.com | HTTPS |
| Africa (Cape Town) | af-south-1 | cloudtrail-data.af-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Hong Kong) | ap-east-1 | cloudtrail-data.ap-east-1.amazonaws.com | HTTPS |
| Asia Pacific (Jakarta) | ap-southeast-3 | cloudtrail-data.ap-southeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | cloudtrail-data.ap-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Osaka) | ap-northeast-3 | cloudtrail-data.ap-northeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | cloudtrail-data.ap-northeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | cloudtrail-data.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | cloudtrail-data.ap-southeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | cloudtrail-data.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | cloudtrail-data.ca-central-1.amazonaws.com | HTTPS |
| Europe (Frankfurt) | eu-central-1 | cloudtrail-data.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | cloudtrail-data.eu-west-1.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | cloudtrail-data.eu-west-2.amazonaws.com | HTTPS |
| Europe (Milan) | eu-south-1 | cloudtrail-data.eu-south-1.amazonaws.com | HTTPS |
| Europe (Paris) | eu-west-3 | cloudtrail-data.eu-west-3.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | cloudtrail-data.eu-north-1.amazonaws.com | HTTPS |
| Middle East (Bahrain) | me-south-1 | cloudtrail-data.me-south-1.amazonaws.com | HTTPS |
| Middle East (UAE) | me-central-1 | cloudtrail-data.me-central-1.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | cloudtrail-data.sa-east-1.amazonaws.com | HTTPS |
Service quotas
| Name | Default | Adjustable | Description |
|---|---|---|---|
| Channels | Each supported Region: 25 | No | This quota applies to channels used for CloudTrail Lake integrations with event sources outside of AWS, and does not apply to service-linked channels. |
| CloudTrail file size sent to Amazon S3 | Each supported Region: 50 Megabytes | No | For both management and data events, CloudTrail sends events to S3 in maximum 50 MB (compressed) ZIP files. If enabled on the trail, log delivery notifications are sent by Amazon SNS after CloudTrail sends ZIP files to S3. |
| Concurrent dashboard refreshes | Each supported Region: 1 | No | The maximum number of ongoing refreshes per dashboard. |
| Concurrent queries | Each supported Region: 10 | No | The maximum number of queued or running queries that you can run simultaneously in CloudTrail Lake. |
| Conditions across all advanced event selectors | Each supported Region: 500 | No | If a trail uses advanced event selectors, a maximum of 500 total values for all conditions in all advanced event selectors is allowed. Unless a trail logs data events on all resources, such as all S3 buckets, a trail is limited to 250 data resources. Data resources can be distributed across event selectors, but the total cannot exceed 250. |
| Custom Dashboards per region | Each supported Region: 100 | No | The maximum number of custom dashboards per region. |
| Data resources across all event selectors in a trail | Each supported Region: 250 | No | If you choose to limit data events by using event selectors or advanced event selectors, the total number of data resources cannot exceed 250 across all event selectors in a trail. |
| Event data stores | Each supported Region: 10 | No | The maximum number of event data stores per region. This includes single-Region event data stores for the Region, multi-Region event data stores across all AWS Regions, and organization event data stores. In shadow regions, to get the latest resource count metric, call the ListEventDataStores API. |
| Event selectors | Each supported Region: 5 | No | The maximum number of event selectors per trail. |
| Event size | Each supported Region: 256 Kilobytes | No | The maximum event size (in KB). All event versions: events over 256 KB cannot be sent to CloudWatch Logs. Event version 1.05 and newer: maximum event size of 256 KB. |
| Events per PutAuditEvents request | Each supported Region: 100 | No | You can add up to 100 activity events (or up to 1 MB) per PutAuditEvents request. |
| Summarized query results size | Each supported Region: 3 Megabytes | No | The maximum size (in MB) of query results that can be summarized in a month |
| Trails per region | Each supported Region: 5 | No | The maximum number of trails per region. In shadow regions, to get the latest resource count metric, call the ListTrails API. |
| Transactions per minute (TPM) for the GenerateQuery API | Each supported Region: 4 per minute | No | The maximum number of operation requests you can make per minute without being throttled. |
| Transactions per second (TPS) for the AddTags API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the CancelQuery API | Each supported Region: 3 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the CreateChannel API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the CreateDashboard API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the CreateEventDataStore API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the CreateTrail API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeleteChannel API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeleteDashboard API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeleteEventDataStore API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeleteResourcePolicy API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeleteTrail API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DeregisterOrganizationDelegatedAdmin API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DescribeQuery API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DescribeTrails API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the DisableFederation API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the EnableFederation API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetChannel API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetDashboard API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetEventDataStore API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetEventSelectors API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetImport API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetInsightSelectors API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetQueryResults API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetResourcePolicy API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetTrail API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the GetTrailStatus API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListChannels API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListDashboards API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListEventDataStores API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListImportFailures API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListImports API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListInsightsMetricData API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListPublicKeys API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListQueries API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListTags API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the ListTrails API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the LookupEvents API | Each supported Region: 2 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the PutAuditEvents API | Each supported Region: 100 | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the PutEventSelectors API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the PutInsightSelectors API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the PutResourcePolicy API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the RegisterOrganizationDelegatedAdmin API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the RemoveTags API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the RestoreEventDataStore API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the SearchSampleQueries API | Each supported Region: 10 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StartDashboardRefresh API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StartEventDataStoreIngestion API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StartImport API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StartLogging API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StartQuery API | Each supported Region: 3 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StopEventDataStoreIngestion API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StopImport API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the StopLogging API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the UpdateChannel API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the UpdateDashboard API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the UpdateEventDataStore API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Transactions per second (TPS) for the UpdateTrail API | Each supported Region: 1 per second | No | The maximum number of operation requests you can make per second without being throttled. |
| Widgets per dashboard | Each supported Region: 10 | No | The maximum number of widgets per dashboard. |
For more information, see Quotas in AWS CloudTrail.
