From 31d79e377cdff2d29fbb77edd4480e51e17e104d Mon Sep 17 00:00:00 2001
From: LaiqueSantana <lassion.santana@arquivei.com.br>
Date: Mon, 6 Nov 2023 19:11:01 -0300
Subject: [PATCH] Fix Log Prefix Formation with Multi-Account Organization
 Support in CloudTrail

---
 .../ enhancement-add-organization-template-cloud-trail    | 7 +++++++
 src/CloudTrail/LogFileIterator.php                        | 8 +++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 .changes/nextrelease/ enhancement-add-organization-template-cloud-trail

diff --git a/.changes/nextrelease/ enhancement-add-organization-template-cloud-trail b/.changes/nextrelease/ enhancement-add-organization-template-cloud-trail
new file mode 100644
index 0000000000..e64fab4855
--- /dev/null
+++ b/.changes/nextrelease/ enhancement-add-organization-template-cloud-trail	
@@ -0,0 +1,7 @@
+[
+    {
+        "type": "enhancement",
+        "category": "CloudTrail",
+        "description": "Fix Log Prefix Formation with Multi-Account Organization Support in CloudTrail"
+    }
+]
\ No newline at end of file
diff --git a/src/CloudTrail/LogFileIterator.php b/src/CloudTrail/LogFileIterator.php
index 4800433a5d..08da0293e0 100644
--- a/src/CloudTrail/LogFileIterator.php
+++ b/src/CloudTrail/LogFileIterator.php
@@ -20,7 +20,7 @@ class LogFileIterator extends \IteratorIterator
 {
     // For internal use
     const DEFAULT_TRAIL_NAME = 'Default';
-    const PREFIX_TEMPLATE = 'prefix/AWSLogs/account/CloudTrail/region/date/';
+    const PREFIX_TEMPLATE = 'prefix/AWSLogs/organization/account/CloudTrail/region/date/';
     const PREFIX_WILDCARD = '*';
 
     // Option names used internally or externally
@@ -30,6 +30,7 @@ class LogFileIterator extends \IteratorIterator
     const END_DATE = 'end_date';
     const ACCOUNT_ID = 'account_id';
     const LOG_REGION = 'log_region';
+    const ORGANIZATION_ID = 'organization_id';
 
     /** @var S3Client S3 client used to perform ListObjects operations */
     private $s3Client;
@@ -163,6 +164,9 @@ private function buildListObjectsIterator(array $options)
             'prefix' => isset($options[self::KEY_PREFIX])
                     ? $options[self::KEY_PREFIX]
                     : null,
+            'organization' => isset($options[self::ORGANIZATION_ID])
+                    ? $options[self::ORGANIZATION_ID]
+                    : null,                    
             'account' => isset($options[self::ACCOUNT_ID])
                     ? $options[self::ACCOUNT_ID]
                     : self::PREFIX_WILDCARD,
@@ -175,6 +179,8 @@ private function buildListObjectsIterator(array $options)
         // Determine the longest key prefix that can be used to retrieve all
         // of the relevant log files.
         $candidatePrefix = ltrim(strtr(self::PREFIX_TEMPLATE, $parts), '/');
+        // Normalize the key prefix to remove double slashes
+        $candidatePrefix = preg_replace('#/{2,}#', '/', $candidatePrefix);
         $logKeyPrefix = $candidatePrefix;
         $index = strpos($candidatePrefix, self::PREFIX_WILDCARD);