CloudTrail logs include detailed events of API activity in your AWS account. It is a security best practice to tightly control who has access to these logs, and making them publicly accessible could lead to accidental exposure of details about your environment.