You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70a5102387 | 4 years ago | |
---|---|---|
.. | ||
README.md | 4 years ago | |
main.tf | 4 years ago | |
variables.tf | 4 years ago |
README.md
Cloudtrail Alarms
Hooks into an existing Cloudtrail and Cloudwatch Logs deployment enabled so that we can setup Log metric filters to look for certain patterns.
We are able to tail Cloudtrail events and alarm on certain log messages as they occur. The full list can be seen in main.tf
These alarms are necessary to be in compliance with CIS Benchmarks, a very popular framework for securing AWS environments.
Usage
module "cloudtrail" {
source = "github.com/lalanza808/tf-modules.git/security/cloudtrail"
force_destroy_bucket = true
}
module "sns_topic" {
source = "github.com/lalanza808/tf-modules.git/monitoring/sns-email-topic"
sns_emails = ["user@email.com"]
}
module "cloudtrail-alarms" {
source = "github.com/lalanza808/tf-modules.git/monitoring/cloudtrail-alarms"
log_group_name = module.cloudtrail.log_group_name
sns_topic_arn = module.sns_topic.topic_arn
account_name = "Sandbox"
}
Inputs
log_group_name
- Cloudwatch Logs group containing Cloudtrail event datasns_topic_arn
- The SNS topic ARN to publish event messages to based upon alarm conditionsaccount_name
- Name of the AWS account for labeling purposes
See the full list of inputs here: variables.tf
Outputs
None - output.tf