Skip to content
/ terraform-aws-cloudtrail-alerts Public
generated from geekcell/terraform-aws-module-template

Terraform module to provision an AWS Cloudwatch Alerts for Cloudtrail.

www.geekcell.io

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

geekcell/terraform-aws-cloudtrail-alerts

BranchesTags

Repository files navigation

Geek Cell GmbH

Code Quality

License GitHub release (latest tag) Release Validate Lint

Terraform AWS CloudTrail Alerts Module

A module that create CloudWatch metric filters and alarms required for most modern compliance reports. This module includes the necessary metric filters and alarms for the following compliance reports:

Compliance Report Sections
CIS AWS Foundations Benchmark v1.5.0 Section 4.1 - 4.15
NIST 800-171 v2 Section 3.12.3
ISO/IEC 27001 v2 Section A.12.4.1
PCI DSS v3.2.1 Section 10.1
SOC 2 v2 Section 5.2

This module can also create an SNS topic with a Slack channel configuration for AWS Chatbot (must be configured) manually in the AWS Console.

Inputs

Name Description Type Default Required
cloudtrail_log_group_name The name of the CloudWatch log group to filter for events. Defaults to the AWS Control Tower created Baseline. string "aws-controltower/CloudTrailLogs" no
cloudwatch_namespace The namespace to use for the CloudWatch metric filter. string "CISBenchmark" no
prefix Prefix that will added to created resources. string n/a yes
slack_channel_id The ID of the Slack channel to send alerts to. string null no
slack_workspace_id The ID of the Slack workspace to send alerts to. string null no
sns_kms_master_key_alias The alias of the KMS key to use to encrypt the SNS topic if no key is provided. string "alias/sns/cloudtrail-alerts" no
sns_kms_master_key_id The ARN of the KMS key to use to encrypt the SNS topic. Will create a new CMK if not provided. string null no
sns_topic_arn Use an existing SNS topic to send alerts to. string null no
tags Tags to add to the created resources. map(any) {} no

Outputs

No outputs.

Providers

Name Version
aws >= 4.40
awscc 0.53.0

Resources

  • resource.aws_cloudwatch_log_metric_filter.main (main.tf#24)
  • resource.aws_cloudwatch_metric_alarm.main (main.tf#38)
  • resource.aws_kms_alias.main (main.tf#71)
  • resource.aws_kms_key.main (main.tf#59)
  • resource.aws_sns_topic.main (main.tf#110)
  • resource.awscc_chatbot_slack_channel_configuration.main (main.tf#120)
  • data source.aws_caller_identity.current (main.tf#18)
  • data source.aws_cloudwatch_log_group.cloudtrail (main.tf#20)
  • data source.aws_iam_policy_document.kms (main.tf#78)

Examples

Complete

module "example" {
  source = "../../"

  prefix = "root"
}

About

Terraform module to provision an AWS Cloudwatch Alerts for Cloudtrail.

www.geekcell.io

Topics

alarm aws cis alert terraform logging cloudwatch audit sns cloudtrail terraform-module

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases 4

Release v1.0.3 Latest
Nov 21, 2023
+ 3 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages