{"id":"cloudtrail-dashboard-auto-refresh-two-policies-required","text":"For CloudTrail Lake dashboard auto-refresh, two resource-based policies are needed: one on the event data store (allowing `StartQuery`) and one on the dashboard (allowing `StartDashboardRefresh`), both with principal `cloudtrail.amazonaws.com`.","truth_value":"IN","source":"entries/2026/03/12/awscloudtrail-latest-userguide-security_iam_resource-based-policy-exampleshtml.md","source_url":"","source_hash":"8e62421969847824","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"cloudtrail-dashboard-auto-refresh-two-policies-required","truth_value":"IN","reason":"premise"}]}}