terraform.aws-baseline-infra/modules/security_identity_compliance/cloudtrail_cwlogs
2021-01-31 22:18:26 +08:00
cloudtrail.tf NEW: cloudtrail and cwl 2021-01-26 21:40:02 +08:00
ct-key.tf NEW: guardduty and kms key rotation 2021-01-31 22:18:26 +08:00
ct-s3-bucket.tf UPD: adjusted bucket permissions 2021-01-28 09:25:50 +08:00
cw-loggroup.tf UPD: added CIS 3.x CWL alarms 2021-01-29 14:39:58 +08:00
main.tf NEW: cloudtrail and cwl 2021-01-26 21:40:02 +08:00
outputs.tf NEW: cloudtrail and cwl 2021-01-26 21:40:02 +08:00
README.md DOC: added readme 2021-01-28 16:36:32 +08:00
variables.tf NEW: iam roles 2021-01-27 09:42:51 +08:00

Overview

This module performs the following tasks:

  • Create a KMS key for CloudTrail and CWL encryption
  • Create an S3 bucket for CloudTrail use
  • Create the CloudTrail trail
  • Create a CloudWatch log group for CloudTrail
  • Create a CloudWatch metric filter for CIS 1.1
  • Create a CloudWatch alarm for CIS 1.1

Inputs:

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| application | name of application | string | none | yes |
| environment | capacity of environment (prd/dev/lab) | string | none | yes |
| customer-name | owner of aws resources | string | none | yes |
| project | name of project | string | none | yes |
| default-tags | tags to be added to resources | list | none | yes |
| cloudtrail-retain-days | Days before cloudtrail logs are expired on s3 | number | 90 | yes |
| aws-region-short | short name of aws region (e.g. apne1) | string | none | yes |