| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| `EVENT_ALERT_LIST` | List of event names that are not ignored (alerted on). | `string` | `""` | no |
| `EVENT_IGNORE_LIST` | List of event names that are ignored. | `string` | `""` | no |
| `SOURCE_LIST` | List of event sources whose events are ignored. | `string` | `""` | no |
| `USER_IGNORE_LIST` | List of users whose events are ignored. | `string` | `""` | no |
| `account_type` | The type of the AWS account. The possible values are `individual`, `master` and `member`. Specify `master` and `member` to set up centralized logging for multiple accounts in an AWS Organization. Use `individual` otherwise. | `string` | `"individual"` | no |
| `additional_member_root_arn` | Additional member root user ARNs. | `list(any)` | `[]` | no |
| `additional_member_trail` | Additional member trails. | `list(any)` | `[]` | no |
| `cloudwatch_logs_group_name` | The name of the CloudWatch Logs group to which CloudTrail events are delivered. | `string` | `"iam_role_name"` | no |
| `cloudwatch_logs_retention_in_days` | Number of days to retain logs for. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely. | `number` | `365` | no |
| `enable_log_file_validation` | Whether log file integrity validation is enabled for the trail. | `bool` | `true` | no |
| `enable_logging` | Enables logging for the trail. Setting this to `false` pauses logging. | `bool` | `true` | no |
| `enabled` | The boolean flag whether this module is enabled or not. No resources are created when set to `false`. | `bool` | `true` | no |
| `environment` | Environment (e.g. prod, dev, staging). | `string` | `""` | no |
| `iam_role_name` | The name of the IAM Role to be used by CloudTrail to deliver logs to the CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Role"` | no |
| `iam_role_policy_name` | The name of the IAM Role Policy to be used by CloudTrail to deliver logs to the CloudWatch Logs group. | `string` | `"CloudTrail-CloudWatch-Delivery-Policy"` | no |
| `include_global_service_events` | Whether the trail publishes events from global services such as IAM to the log files. | `bool` | `true` | no |
| `is_multi_region_trail` | Whether the trail is created in all regions (`true`) or only in the current region (`false`). | `bool` | `true` | no |
| `is_organization_trail` | Specifies whether the trail is an AWS Organizations trail. Organization trails log events for the master account and all member accounts. Can only be created in the organization master account. | `bool` | `false` | no |
| `key_arn` | The ARN of the KMS key. | `string` | `""` | no |
| `label_order` | Label order, e.g. `name`,`application`. | `list(any)` | `[]` | no |
| `lambda_enabled` | Whether to create a Lambda function for CloudTrail logs. | `bool` | `true` | no |
| `managedby` | ManagedBy, e.g. 'CloudDrove' or 'AnmolNagpal'. | `string` | `"anmol@clouddrove.com"` | no |
| `name` | Name (e.g. app or cluster). | `string` | `""` | no |
| `s3_bucket_name` | The name of the S3 bucket which will store CloudTrail logs. | `string` | n/a | yes |
| `s3_log_bucket_name` | The name of the S3 bucket which will store the logs of the CloudTrail bucket. | `string` | n/a | yes |
| `s3_policy` | Policy of the S3 bucket. | `string` | `null` | no |
| `slack_channel` | Slack channel. | `string` | `""` | no |
| `slack_webhook` | Slack webhook. | `string` | `""` | no |
| `sse_algorithm` | The server-side encryption algorithm to use. Valid values are `AES256` and `aws:kms`. | `string` | `"AES256"` | no |
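The following is an added example of calling this module with its security-relevant inputs set explicitly; it is not code from the module or its README. The module `source` path, the bucket names, the KMS key ARN, the Slack values and the `slack_webhook_url` variable are placeholders, and the comma-separated format of the `EVENT_*`/`SOURCE_LIST`/`USER_IGNORE_LIST` strings is an assumption (the table only states their type as `string`).

```hcl
# Added example (not the module's own code). All names and ARNs are placeholders.
variable "slack_webhook_url" {
  type      = string
  sensitive = true # keeps the webhook out of plan/apply output
}

module "cloudtrail" {
  source = "./terraform-aws-cloudtrail" # placeholder: replace with the real module source

  enabled     = true
  name        = "audit"
  environment = "prod"
  label_order = ["name", "environment"]
  managedby   = "security-team" # placeholder

  # The two required inputs: the trail log bucket and the bucket that
  # stores the log bucket's own access logs.
  s3_bucket_name     = "example-cloudtrail-logs"        # placeholder
  s3_log_bucket_name = "example-cloudtrail-logs-access" # placeholder

  # Coverage: one trail for every region plus global services such as IAM.
  is_multi_region_trail         = true
  include_global_service_events = true

  # Integrity and availability of the audit record: digest files let you
  # detect modified or deleted log files; enable_logging = false would pause delivery.
  enable_log_file_validation = true
  enable_logging             = true

  # Encryption at rest. key_arn is only meaningful together with aws:kms;
  # AES256 (the default) needs no key.
  sse_algorithm = "aws:kms"
  key_arn       = "arn:aws:kms:us-east-1:111122223333:key/00000000-0000-0000-0000-000000000000" # placeholder

  # CloudWatch Logs delivery with the CIS-recommended 365-day retention.
  cloudwatch_logs_group_name        = "cloudtrail-audit"
  cloudwatch_logs_retention_in_days = 365
  iam_role_name                     = "CloudTrail-CloudWatch-Delivery-Role"
  iam_role_policy_name              = "CloudTrail-CloudWatch-Delivery-Policy"

  # Single account. For an AWS Organization set account_type to "master"
  # in the management account and "member" elsewhere, and is_organization_trail = true.
  account_type          = "individual"
  is_organization_trail = false

  # Event filtering for the alerting Lambda (assumed comma-separated lists).
  # Changes to the trail itself and to IAM are worth alerting on; noisy
  # read-only calls, the Health service and a CI user are ignored.
  lambda_enabled    = true
  EVENT_ALERT_LIST  = "CreateUser,DeleteTrail,StopLogging,UpdateTrail,PutBucketPolicy"
  EVENT_IGNORE_LIST = "DescribeInstances,ListBuckets"
  SOURCE_LIST       = "health.amazonaws.com"
  USER_IGNORE_LIST  = "ci-deploy" # placeholder
  slack_channel     = "#security-alerts" # placeholder
  slack_webhook     = var.slack_webhook_url
}
```

With `sse_algorithm = "aws:kms"` the `key_arn` must point at a key whose policy allows CloudTrail to encrypt, otherwise delivery fails silently from the trail's point of view; keeping `enable_log_file_validation = true` is what makes the delivered digest files useful when you later need to prove the log set was not altered.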