cloudtrail
azavea/cloudtrail/aws
A Terraform module to create an Amazon Web Services (AWS) CloudTrail Trail.
terraform-aws-cloudtrail A Terraform module to create an Amazon Web Services (AWS) CloudTrail trail. Usage This module creates a trail that logs to an S3 bucket. The module can be configured to log to an existing S3 bucket, or to make a new one for you automatically. ``hcl module "cloudtrail" { source = "github.com/azavea/terraform-aws-cloudtrail?ref=0.1.0" region = "us-east-1" create_s3_bucket = true s3_bucket_name = "mysite-logs" s3_key_prefix = "cloudtrail" enable_s3_bucket_expiration = false s3_bucket_days_to_expiration = 90 enable_s3_bucket_transition = true s3_bucket_days_to_transition = 90 s3_bucket_transition_storage_class = "ONEZONE_IA" enable_logging = true enable_log_file_validation = false include_global_service_events = true is_multi_region_trail = false is_organization_trail
| Name | Type | Description | Default |
|---|---|---|---|
| s3_bucket_name | any | Name of the S3 bucket to store logs in (required). | |
| environment | any | Name of the environment this Trail is targeting. | "Unknown" |
| create_s3_bucket | any | Specifies whether to create a new S3 bucket. When false, you must provide a vali | "true" |
| s3_bucket_transition_storage_class | any | Specifies the S3 storage class to which logs will transition for archival. Only | "ONEZONE_IA" |
| is_multi_region_trail | any | Specifies whether the trail is created in the current region or in all regions. | "false" |
| enable_log_file_validation | any | Specifies whether log file integrity validation is enabled. | "false" |
| is_organization_trail | any | Specifies whether the trail is an AWS Organizations trail, which must be created | "false" |
| region | any | Name of the region where the Trail should be created. | "us-east-1" |
| s3_bucket_days_to_transition | any | How many days to store logs before they will be transitioned to a new storage cl | "90" |
| include_global_service_events | any | Specifies whether the trail is publishing events from global services such as IA | "true" |
| project | any | Project name, used for tagging and naming the Trail. | "Unknown" |
| enable_s3_bucket_expiration | any | Specifies whether to enable an expiration policy for the log storage bucket. | "false" |
| s3_bucket_days_to_expiration | any | How many days to store logs before they will be deleted. Only applies if `enable | "90" |
| enable_s3_bucket_transition | any | Specifies whether to enable a storage class transition for the S3 bucket. | "true" |
| enable_logging | any | Specifies whether to enable logging for the trail. | "true" |
| s3_key_prefix | any | Specifies the S3 key prefix that precedes the name of the bucket you have design | "" |
id — The name of the trail.home_region — The region in which the trail was created.arn — The Amazon Resource Name of the trail.bucket_id — The name of the log bucket, if one was created -- otherwise, an empty string.bucket_arn — The Amazon Resource Name of the log bucket, if one was created -- otherwise, an empty string.Azure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,