.. | ||
cloudtrail.tf | ||
ct-key.tf | ||
ct-s3-bucket.tf | ||
cw-loggroup.tf | ||
main.tf | ||
outputs.tf | ||
README.md | ||
variables.tf |
Overview
This module performs the following tasks:
- Create KMS key for cloudtrail and CWL encryption
- Create s3 bucket for cloudtrail use
- Create cloudtrail
- Create cloudwatch log group for cloudtrail
- Create cloudwatch metric filter for CIS1.1
- Create cloudwatch alarm for CIS1.1
Inputs:
Name | Description | Type | Default | Required |
---|---|---|---|---|
application | name of application | string | none | yes |
environment | capacity of environment (prd/dev/lab) | string | none | yes |
customer-name | owner of aws resources | string | none | yes |
project | name of project | string | none | yes |
default-tags | tags to be added to resources | list | none | yes |
cloudtrail-retain-days | Days before cloudtrail logs are expired on s3 | number | 90 | yes |
aws-region-short | short name of aws region (e.g. apne1) | string | none | yes |