HomeTerraform Modulecloudtrail-cloudwatch-alarms

cloudtrail-cloudwatch-alarms

cloudposse/cloudtrail-cloudwatch-alarms/aws

Terraform Module HCL AWS

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

Install
module "cloudtrail-cloudwatch-alarms" {
source = "cloudposse/cloudtrail-cloudwatch-alarms/aws"
version = "0.14.3"
}
⭐ Source on GitHub 📦 Registry page
README

terraform-aws-cloudtrail-cloudwatch-alarms ![Build Status](https://travis-ci.org/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms) ![Latest Release](https://github.com/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms/releases) ![Slack Community](https://slack.cloudposse.com) [![README Header][readme_header_img]][readme_header_link] [![Cloud Posse][logo]](https://cpco.io/homepage) Terraform module for creating alarms for tracking important changes and occurances from cloudtrail. This module creates a set of filter metrics and alarms based on the security best practices covered in the AWS CIS Foundations Benchmark guide. --- This project is part of our comprehensive "SweetOps" approach towards DevOps. [ ][share_email] [ ][share_googleplus] [ ][share_facebook] [ ][share_reddit] [ ][

Inputs (27)
NameTypeDescriptionDefault
log_group_namestringThe cloudtrail cloudwatch log group name required
tenantstringID element _(Rarely used, not included by default)_. A customer identifier, indi required
label_key_casestringControls the letter case of the `tags` keys (label names) for tags generated by required
enabledboolSet to false to prevent the module from creating any resources required
environmentstringID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'st required
label_value_casestringControls the letter case of ID elements (labels) as included in `id`, set as tag required
stagestringID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'bu required
regex_replace_charsstringTerraform regular expression (regex) string. Characters matching the regex will required
sns_topic_arnstringAn SNS topic ARN that has already been created. Its policy must already allow ac required
kms_master_key_idstring The ID or alias of the customer master key (CMK) to use for encrypting the Ama required
namestringID element. Usually the component or solution name, e.g. 'app' or 'jenkins'. Thi required
id_length_limitnumberLimit `id` to this many characters (minimum 6). Set to `0` for unlimited length. required
label_orderlist(string)The order in which the labels (ID elements) appear in the `id`. Defaults to ["na required
namespacestringID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp' required
delimiterstringDelimiter to be used between ID elements. Defaults to `-` (hyphen). Set to `""` required
metric_namespacestringA namespace for grouping all of the metrics together"CISBenchmark"
additional_endpoint_arnslist(string)Any alert endpoints, such as autoscaling, or app scaling endpoint arns that will[]
log_group_regionstringThe log group region that should be monitored for unauthorised AWS API Access. C""
descriptor_formatsanyDescribe additional descriptors to be output in the `descriptors` output map. Ma{}
contextanySingle object for setting entire context at once. See description of individual { "additional_tag_map": {}, "attribu
metricsmap(object({ metric_name The cloudwatch metrics and corresponding alarm definitions{}
tagsmap(string)Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`). Neither the tag keys nor the t{}
sns_policy_enabledboolAttach a policy that allows the notifications through to the SNS topic endpointfalse
dashboard_enabledboolWhen true a dashboard that displays the statistics as a line graph will be creattrue
additional_tag_mapmap(string)Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not add{}
attributeslist(string)ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`, []
labels_as_tagsset(string)Set of labels (ID elements) to include as tags in the `tags` output. Default is [ "default" ]
Outputs (3)
dashboard_individual — URL to CloudWatch Individual Metric Dashboard
sns_topic_arn — The ARN of the SNS topic used
dashboard_combined — URL to CloudWatch Combined Metric Dashboard
Resources (5)
aws_cloudwatch_dashboardaws_cloudwatch_log_metric_filteraws_cloudwatch_metric_alarmaws_sns_topicaws_sns_topic_policy
Topics & Tags
alarmterraformsecurity-auditcloudtrailciscloudwatch-metricsdevopsterraform-modulesslack
Details
FrameworkTerraform Module
LanguageHCL
Version0.14.3
Cloud AWS
★ Stars203
Forks74
Total downloads130.8k
Inputs27
Outputs3
Resources5
Examples1
LicenseApache-2.0
Namespacecloudposse
Updated
Similar packages
caf-enterprise-scale

Azure landing zones Terraform module

★ 952terraform
caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581terraform
lz-vending

Terraform module to deploy landing zone subscriptions (and much more) in Azure

★ 210terraform
label

Terraform Module to define a consistent naming convention by (namespace, stage,

★ 702terraform